CVE-2018-25341

Smartshop 1 SQL Injection via product.php id Parameter

CVSS 8.8 HIGHEPSS 0.3%CWE-89

Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and database names.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Affected products

Behance · Smartshop

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/44823unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/smakosh/Smartshop/archive/master.zip https://www.behance.net/gallery/49080415/Smartshop-Free-e-commerce-website https://www.exploit-db.com/exploits/44823 https://www.vulncheck.com/advisories/smartshop-1-sql-injection-via-product-php-id-parameter