2008-0546 | Shoppingtree Candypress Store sql injection (BID-27454 / XFDB-39939)

CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score
6.6 $0-$5k 0.49

A vulnerability, which was classified as critical, was found in Shoppingtree Candypress Store up to 4.1. Affected is an unknown code. The manipulation of the argument recid with an unknown input leads to a sql injection vulnerability. CWE is classifying the issue as CWE-89. This is going to have an impact on confidentiality, integrity, and availability. An attacker might be able inject and/or alter existing SQL statements which would influence the database exchange.

The bug was discovered 01/25/2008. The weakness was published 02/01/2008 (Website). The advisory is shared for download at xforce.iss.net. This vulnerability is traded as CVE-2008-0546 since 02/01/2008. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn’t require any form of authentication. Technical details and a public exploit are known.

It is declared as proof-of-concept. The exploit is shared for download at securityfocus.com. The vulnerability was handled as a non-public zero-day exploit for at least 3 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 30107 (CandyPress Store admin/utilities_ConfigHelp.asp helpfield Parameter SQL Injection), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CGI abuses and running in the context remote.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the databases at SecurityFocus (BID 27454), X-Force (39939), Secunia (SA28662), Vulnerability Center (SBV-17541) and Tenable (30107). Similar entries are available at 41010, 41009, 41008 and 41007.



VulDB Meta Base Score: 7.3
VulDB Meta Temp Score: 6.6

VulDB Base Score: 7.3
VulDB Temp Score: 6.6
VulDB Vector: 🔍
VulDB Reliability: 🔍

🔍 🔍 🔍 🔍 🔍 🔍
🔍 🔍 🔍 🔍 🔍 🔍
🔍 🔍 🔍 🔍 🔍 🔍
Vector Complexity Authentication Confidentiality Integrity Availability
unlock unlock unlock unlock unlock unlock
unlock unlock unlock unlock unlock unlock
unlock unlock unlock unlock unlock unlock

VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍

NVD Base Score: 🔍

Class: Sql injection
ATT&CK: Unknown

Local: No
Remote: Yes

Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍

Price Prediction: 🔍
Current Price Estimation: 🔍

0-Day unlock unlock unlock unlock
Today unlock unlock unlock unlock

Nessus ID: 30107
Nessus Name: CandyPress Store admin/utilities_ConfigHelp.asp helpfield Parameter SQL Injection
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍

Exploit-DB: 🔍

Threat Intelligenceinfoedit

Interest: 🔍
Active Actors: 🔍
Active APT Groups: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔍

Upgrade: xforce.iss.net

01/25/2008 🔍
01/25/2008 +0 days 🔍
01/25/2008 +0 days 🔍
01/28/2008 +3 days 🔍
02/01/2008 +4 days 🔍
02/01/2008 +0 days 🔍
02/01/2008 +0 days 🔍
02/04/2008 +3 days 🔍
03/16/2015 +2597 days 🔍
08/11/2017 +879 days 🔍
07/30/2021 +1449 days 🔍Advisory: xforce.iss.net
Status: Not defined
Confirmation: 🔍

CVE: CVE-2008-0546 (🔍)
SecurityFocus: 27454 – CandyPress Multiple Input Validation Vulnerabilities
Secunia: 28662
X-Force: 39939
Vulnerability Center: 17541 – CandyPress (CP) Multiple Vulnerabilities Allows Remote Arbitrary SQL Commands Injection, High
OSVDB: 40699 – CandyPress Store multiple scripts SQL injection
Vupen: ADV-2008-0314

scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍

Created: 03/16/2015 13:43
Updated: 07/30/2021 19:52
Changes: (3) source_nessus_filename exploit_price_0day vulnerability_cvss2_nvd_basescore
Complete: 🔍

Download it now for free!

Source link