Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
|
12-03-2005, 11:33 AM,
(This post was last modified: 12-03-2005, 11:43 AM by mandy.)
Post: #1
|
|||
|
|||
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
A new security hole was discovered a few hours ago in ZenCart ver 1.26d (the latest release). No patch available at this time. The affected file is admin/password_forgotten.php. If you are using Zen it is highly advisable to temporarily disable the password_forgotten file (change its name to something like password_forgotten.phpmandy ).
In an SQL Injection attack the hacker is able to execute remote code on your MYSQL database and server-i.e. a hacker could run code to get all of your store's customer info and credit card numbers on your server, your passwords, etc. (a malicious hacker could even use the exploit to delete your entire database) More info on this hole: http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5449 more info on SQL Injection here: http://www.securiteam.com/securityreview...1P76E.html http://www.unixwiz.net/techtips/sql-injection.html |
|||
12-03-2005, 08:04 PM,
Post: #2
|
|||
|
|||
Re: Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
NADA on the Zen support forums about the hole but I'm sure every hacker is already on Google looking for sites using Zen. :blinkie: [url=http://directory.allmusicsearch.com/allmusicmeta/search/"zencart"-and-"sql-injection"/1-1.html]A search shows [/url] version 1.12d also had an SQL Injection problem and needed a patch.
|
|||
12-04-2005, 04:28 AM,
Post: #3
|
|||
|
|||
Re: Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
Quote:NADA on the Zen support forums about the hole Nope. A useful resource to check to see if your scripts have any known security problems: http://nvd.nist.gov/nvd.cfm
"Well, Jay was so giddy that someone named Jay was involved with this site we posted our first non-eBay listing in 3 years here at Lunarbid (we tried two items at Yahoo once upon a time, they bombed)" -Marie posting in a LunarBid thread at OTWA in 2005 wins the award for 'most moronic reason ever given for choosing a venue"
"thanks twat u must have nothing better 2 do. do u talk to all your members like that. will not be recomending your site. best way to put it is TULIPTOOLS.COM IS REALLY SHIT. DONT JOIN." -pubescent owner of rinky dink off2auction.com in 2011 |
|||
12-06-2005, 06:08 AM,
(This post was last modified: 12-06-2005, 06:13 AM by regic.)
Post: #4
|
|||
|
|||
Re: Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
A patch to fix the hole is now available:
info: http://www.zen-cart.com/modules/mydownlo...php?cid=31 download: http://www.zen-cart.com/modules/mydownlo...hp?lid=544 All Zen Cart versions 1.1.x and 1.2.x require this patch not just 1.26d |
|||
12-06-2005, 02:38 PM,
Post: #5
|
|||
|
|||
Re: Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
That was quick.
"Well, Jay was so giddy that someone named Jay was involved with this site we posted our first non-eBay listing in 3 years here at Lunarbid (we tried two items at Yahoo once upon a time, they bombed)" -Marie posting in a LunarBid thread at OTWA in 2005 wins the award for 'most moronic reason ever given for choosing a venue"
"thanks twat u must have nothing better 2 do. do u talk to all your members like that. will not be recomending your site. best way to put it is TULIPTOOLS.COM IS REALLY SHIT. DONT JOIN." -pubescent owner of rinky dink off2auction.com in 2011 |
|||
« Next Oldest | Next Newest »
|
Users browsing this thread: 3 Guest(s)