CVE-2009-4060
published 2009-11-24CVE-2009-4060: SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId…
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.24%
80.6th percentile
SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cubecart | cubecart | <= 4.3.6 | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
| cubecart | cubecart | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow
exploitdb·2009-12-02·CVSS 9.0
CVE-2009-3586 [CRITICAL] CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow
CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow
---
# bugtraq: http://seclists.org/bugtraq/2009/Dec/99
# census ID: census-2009-0003
# URL: http://census-labs.com/news/2009/12/02/corehttp-web-server/
# CVE ID: CVE-2009-3586
# Affected Products: CoreHTTP web server versions buffer,
# 46: "%" PATHSIZE_S "[A-Za-z] %" PATHSIZE_S "s%*[ \t\n]", req, url);
#
# The buffers req and url are declared to be of size 256 bytes (PATHSIZE)
# and the sscanf() call writes 256 bytes (PATHSIZE_S) to these buffers
# without NULL terminating them.
#
# Note that this is not vulnerability CVE-2007-4060 in which the same
# sscanf() call contained no bounds check at all.
#
# This vulnerability can lead to denial of service attacks against the
# CoreHTTP web server and potentially to the remote execution
Exploit-DB
CubeCart 3.0.4/4.3.6 - 'ProductID' SQL Injection
exploitdb·2009-11-19
CVE-2009-4060 CubeCart 3.0.4/4.3.6 - 'ProductID' SQL Injection
CubeCart 3.0.4/4.3.6 - 'ProductID' SQL Injection
---
source: https://www.securityfocus.com/bid/37065/info
CubeCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The issue affects CubeCart 4.3.6; prior versions may also be affected.
http://www.example.com/store/index.php?_a=viewProd&productId=22+and+1=2+union+select+version()
No writeups or analysis indexed.
http://forums.cubecart.com/index.php?showtopic=39900http://osvdb.org/60306http://secunia.com/advisories/37402http://www.securityfocus.com/bid/37065http://www.vupen.com/english/advisories/2009/3290https://exchange.xforce.ibmcloud.com/vulnerabilities/54331http://forums.cubecart.com/index.php?showtopic=39900http://osvdb.org/60306http://secunia.com/advisories/37402http://www.securityfocus.com/bid/37065http://www.vupen.com/english/advisories/2009/3290https://exchange.xforce.ibmcloud.com/vulnerabilities/54331
2009-11-24
Published