Posted by rwenzel on Jan 23
The Bigware shop software prior to version 2.15 contains a SQL injection, resulting in full database compromise. Theinjection point is the POST parameter 'lastname' in the module main_bigware_43.php. A user must be created before
exploitation.
Proof of concept is at http://files.dw-itsecurity.de/43.zip
Do it manually: Create a valid user at www.shopsite.com/main_bigware_10.php. Open www.shopsite.com/main_bigware_43.php
and add the...