Multiple security vulnerabilities exist in PHPShop_PHP Tutorial

Affected systems:

phpShop phpShop 0.6.1-b

Detailed description:

phpShop is an e-commerce program based on PHP that can be easily expanded. WEB function. There are multiple security issues in phpShop. Remote attackers can use these vulnerabilities to attack the database, obtain sensitive information, and execute arbitrary script code.

The specific problems are as follows:

1. SQL injection vulnerability:

There is a SQL injection problem when updating the session, which can be modified by submitting malicious SQL commands to the "page" variable. The original SQL logic also has the same problem when injecting the "product_id" and "offset" variables.

2. User information leakage vulnerability:

A large amount of customer information can be obtained by querying the "account/shipto" module. Administrator information may also be viewed if the user logs in with a legitimate account. This information includes the customer's address, company name and other information.

3. Cross-site scripting attack:

Multiple parameters lack adequate filtering of the URI parameters submitted by the user. Submitting data containing malicious HTML code can trigger a cross-site scripting attack, possibly Obtain sensitive information of target users.

Currently the manufacturer has not provided patches or upgrades.