PHPShop & VirtueMart SQL Injection Vulnerabilities & Unsafe Method Usage
Affected Products
PHPShop & VirtueMart
Affected Version
PHPShop versions prior to 0.8.1 and VirtueMart versions prior to VirtueMart 1.0.11.
Affected Vendors
Both independent open source projects.
Vendor Response
Both vendors released new versions to patch the main vulnerabilities.
Disclosure Timeline
2007.04.30 - Vendors Notified
2007.06.14 - VirtueMart release version 1.0.11 to patch SQL Injection vulnerability.
2007.07.04 - PHPShop release version 0.8.1 to patch SQL Injection vulnerability.
Vulnerability Details
Seperate SQL injection issues were discovered in both PHPShop and VirtueMart - both are undisclosed owing to the sensitive nature of data on these applications. Both systems also make unsafe use of MySQL's Encode() & Decode() functions which are shown to be vulnerable to a known plaintext attack.
Original Disclosure
http://seclists.org/fulldisclosure/2007/Jul/0110.html
|
|