PrestaShop Mpay24 Payment Module information leakage and SQL Injection Vulnerability

PrestaShop Mpay24 Payment Module information leakage and SQL Injection Vulnerability

Released on: 2014-09-03
Updated on: 2014-09-04

Affected Systems:
Mpay24 Mpay24 1.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69560
CVE (CAN) ID: CVE-2014-2008, CVE-2014-2009

Prestashop is an e-commerce solution. Mpay24 is an online payment system for e-commerce and mobile e-commerce.

Mpay24 Payment Module 1.5 and other versions have information leakage and SQL Injection Vulnerabilities. After successful exploitation, attackers can perform unauthorized database operations.

<* Source: Eldar Marcussen

Link: http://seclists.org/fulldisclosure/2014/Sep/23
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
Http://www.example.com/path/modules/mpay24/confirm.php? MPAYTID = 1 & amp; STATUS = bbb & amp; TID = a % 27% 20or % 20% 27a % 27% 20in % 20% 28 select % 20IF % 28 SUBSTR % 28 @ version, 281000000 = 5, BENCHMARK %, SHA1 % 280 xDEADBEEF % 29% 29, % 20 false % 29% 29; % 20 -- +

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Mpay24
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Www.mpay24.com

This article permanently updates the link address: