Name: Anonymous 2012-09-20 5:21
ITT: We share 0day security vulnerabilities in public software.
Me first.
OsCommerce Newsletters & Subscribers Osc Addon (Download Link: http://addons.oscommerce.com/info/8540)
Vulnerable code:
newsletters_subscribe.php line 16:
$subscribers_info = tep_db_query("select subscribers_id from " . TABLE_SUBSCRIBERS . " where subscribers_email_address = '" . $HTTP_POST_VARS['Email'] . "' ");
There are various other points in the code where POST input is not sanitized allowing SQL injection.
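For comparison, here is the lookup from the post beside two hardened forms. This is an added example, not the addon's or osCommerce's own code; it assumes osCommerce's helpers tep_db_query(), tep_db_input(), tep_db_prepare_input() and tep_validate_email(), the TABLE_SUBSCRIBERS constant from the post, and (for the last variant) a mysqli connection named $db.

```php
<?php
// Added example (not the addon's code): the vulnerable lookup from
// newsletters_subscribe.php next to two hardened versions.
// Assumes osCommerce's database/general helper functions and a
// defined TABLE_SUBSCRIBERS constant.

// 1. Vulnerable: the POST value is concatenated straight into the SQL
//    string, so a crafted Email field changes the query's structure.
function lookup_subscriber_vulnerable($email)
{
    return tep_db_query("select subscribers_id from " . TABLE_SUBSCRIBERS
        . " where subscribers_email_address = '" . $email . "' ");
}

// 2. Hardened with osCommerce's own helpers: tep_db_prepare_input()
//    normalises the value as the framework does elsewhere, the address
//    is validated, and tep_db_input() escapes it for the active MySQL
//    connection so it cannot break out of the quoted literal.
function lookup_subscriber_escaped($email)
{
    $email = tep_db_prepare_input($email);
    if (!tep_validate_email($email)) {
        return false; // reject malformed input before it reaches the DB
    }
    return tep_db_query("select subscribers_id from " . TABLE_SUBSCRIBERS
        . " where subscribers_email_address = '" . tep_db_input($email) . "'");
}

// 3. Preferred on a modern stack: a prepared statement keeps the query
//    text and the data separate, so no escaping decision is needed.
//    Assumes $db is a mysqli connection (hypothetical, not osCommerce's
//    global link).
function lookup_subscriber_prepared(mysqli $db, $email)
{
    $stmt = $db->prepare("SELECT subscribers_id FROM " . TABLE_SUBSCRIBERS
        . " WHERE subscribers_email_address = ?");
    $stmt->bind_param('s', $email);
    $stmt->execute();
    return $stmt->get_result()->fetch_assoc();
}

// Usage: read from $_POST ($HTTP_POST_VARS is the deprecated long-array
// alias used in the original addon).
$row = lookup_subscriber_escaped(isset($_POST['Email']) ? $_POST['Email'] : '');
```

Auditing the addon for the other unsanitized POST reads the post mentions means applying the same pattern to each query: every value that originates from the request passes through tep_db_input() or a bound parameter before it touches SQL.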