CVE-2006-4214: SQL Injection
First published: Thu Aug 17 2006(Updated: )
Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) GPC data to the ipn_get_stored_session function in ipn_main_handler.php, which can be leveraged to modify elements of $_SESSION; and allow remote authenticated users to execute arbitrary SQL commands via (2) a session id within a cookie to whos_online_session_recreate, (3) the quantity field to the add_cart function, (4) an id[] parameter when adding an item to a shopping cart, or (5) a redemption code when checking out (dc_redeem_code parameter to includes/modules/order_total/ot_coupon.php).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zen Cart Zen Cart | <=1.3.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.gulftech.org/?node=research&article_id=00109-08152006
- http://www.securityfocus.com/bid/19542
- http://secunia.com/advisories/21484
- http://www.osvdb.org/28145
- http://www.osvdb.org/28146
- http://www.osvdb.org/28147
- http://www.zen-cart.com/forum/showthread.php?t=43579
- http://www.osvdb.org/28144
- http://www.osvdb.org/28148
- http://www.vupen.com/english/advisories/2006/3283
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28393
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zen cart
- canonical/zen cart zen cart
- version/zen cart zen cart/1.3.0.2