WEB APPLICATION VULNERABILITIES Standard & Premium

WordPress Plugin Shopping Cart Multiple SQL Injection and Arbitrary File Upload Vulnerabilities (8.1.14)

Description

WordPress Plugin Shopping Cart is prone to multiple SQL injection vulnerabilities and an arbitrary file upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Shopping Cart version 8.1.14 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 8.1.15 or latest

References

http://www.securityfocus.com/bid/57101/exploit

http://www.opensyscom.fr/Actualites/wordpress-plugins-wordpress-shopping-cart-multiple-vulnerability.html

http://packetstormsecurity.com/files/119217/WordPress-Shopping-Cart-8.1.14-Shell-Upload-SQL-Injection.html

http://secunia.com/advisories/51690/

Related Vulnerabilities

MySQL CVE-2021-35610 Vulnerability (CVE-2021-35610)

MySQL CVE-2016-3477 Vulnerability (CVE-2016-3477)

WordPress Plugin WooCommerce Upload Files Arbitrary File Upload (59.3)

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-2902)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659)

Severity

High

Classification

CWE-89 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update SQL Injection Unauthenticated File Upload