Vulnerability Description
The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
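As an added illustration (not code from Loaded Commerce, the advisory, or any of the referenced exploits), the Python below models the failure mode the description points at: a query factory that binds named `:placeholder` parameters by substituting each one, in turn, over the whole query string. Because an escaper only neutralises quote characters, a bound value that itself contains `:othername` survives escaping and is rewritten by the later substitution, so the second value lands outside its own quotes. The function, column and payload names are assumptions for illustration; the exact logic of Loaded7's `bindReplace` is not reproduced here, and the sample payload is constructed, not taken from the public exploit.

```python
import re

# Constructed escaper in the style of a MySQL string escaper: it handles
# backslashes and single quotes, and (correctly, for a string literal)
# leaves ':' untouched. The bug is in the binder, not the escaper.
def escape(value: str) -> str:
    return value.replace("\\", "\\\\").replace("'", "\\'")


def bind_sequential(template: str, params: dict) -> str:
    """VULNERABLE model: each placeholder is replaced over the whole query,
    one after another. Values bound earlier are re-scanned, so a value
    containing ':lastname' is rewritten when :lastname is bound. Insertion
    order of `params` is the binding order (Python 3.7+ dicts keep it).
    Plain str.replace also has a prefix hazard: ':id' would clobber ':identity'."""
    query = template
    for name, value in params.items():
        query = query.replace(":" + name, "'" + escape(value) + "'")
    return query


PLACEHOLDER = re.compile(r":([A-Za-z_][A-Za-z0-9_]*)")


def bind_single_pass(template: str, params: dict) -> str:
    """HARDENED model: the template is tokenised once. Every placeholder in the
    template is replaced exactly once, bound values are never scanned for
    placeholders, and an unbound placeholder is an error rather than a leftover.
    (Real server-side prepared statements remain the better fix.)"""
    def substitute(match: re.Match) -> str:
        name = match.group(1)
        if name not in params:
            raise KeyError(f"unbound placeholder :{name}")
        return "'" + escape(params[name]) + "'"
    return PLACEHOLDER.sub(substitute, template)


# A single-quoted SQL literal, honouring backslash escapes.
LITERAL = re.compile(r"'(?:\\.|[^'\\])*'")


def outside_literals(query: str) -> str:
    """Return the query with every string literal blanked to '', i.e. only the
    text a SQL parser would treat as code. Used to check whether attacker
    input escaped its string context."""
    return LITERAL.sub("''", query)


# Constructed address-book update, two bound fields, both attacker controlled.
TEMPLATE = ("UPDATE address_book SET entry_firstname = :firstname, "
            "entry_lastname = :lastname")

# Constructed payload: the first name names the *other* placeholder; the last
# name carries SQL with no quote characters at all (hex literal, comment),
# so the escaper has nothing to act on.
ATTACK = {
    "firstname": ":lastname",
    "lastname": ", entry_company = 0x41 -- ",
}

if __name__ == "__main__":
    vuln = bind_sequential(TEMPLATE, ATTACK)
    safe = bind_single_pass(TEMPLATE, ATTACK)
    print("sequential :", vuln)
    print("  as code  :", outside_literals(vuln))
    print("single pass:", safe)
    print("  as code  :", outside_literals(safe))
```

With the sequential binder the first substitution produces `entry_firstname = ':lastname'`; the second then replaces that inner `:lastname` as well, yielding `entry_firstname = '', entry_company = 0x41 -- ''...`, where `entry_company = 0x41` is parsed as SQL. The single-pass binder leaves both values inside their literals. The same check applies to any home-grown binder: if the bound output ever contains a placeholder token again, it is being re-processed.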
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Loadedcommerce | Loaded7 | - |
Related Weaknesses (CWE)
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
References
- http://packetstormsecurity.com/files/128183/Loaded-Commerce-7-Shopping-Cart-SQL- (Exploit, Third Party Advisory, VDB Entry)
- http://resources.infosecinstitute.com/exploiting-systemic-query-vulnerabilities- (Patch, Third Party Advisory)
- http://www.exploit-db.com/exploits/34552 (Exploit, Third Party Advisory, VDB Entry)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95791 (Third Party Advisory, VDB Entry)
- https://github.com/loadedcommerce/loaded7/pull/520 (Patch, Third Party Advisory)
FAQ
What is CVE-2014-5140?
CVE-2014-5140 is a vulnerability with a CVSS score of 8.8 (HIGH). The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
How severe is CVE-2014-5140?
CVE-2014-5140 has been rated HIGH with a CVSS base score of 8.8/10. Exploitation requires an authenticated account with access to the address book, so any registered customer is a sufficient starting position; the injected SQL runs with the privileges of the application's database user.
Is there a patch for CVE-2014-5140?
Yes. The upstream fix was submitted as Loaded Commerce pull request 520 (https://github.com/loadedcommerce/loaded7/pull/520), listed under Patch in the references above. The affected product is Loadedcommerce Loaded7; this page lists no specific fixed version, so confirm that a deployment includes that change.