JVN#43344629: Welcart vulnerable to SQL injection

Overview

Welcart contains an SQL injection vulnerability.

Products Affected

Welcart V1.5.2 and earlier

Description

Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability (CWE-89) due to a flaw in the processing of search[column] and switch parameter in admin.php.

Impact

An unauthenticated attacker may obtain or alter information stored in the database.

Solution

Apply an Update
Apply the update according to the information provided by the developer.

Vendor Status

Vendor	Status	Last Update	Vendor Notes
Collne Inc.	Vulnerable	2015/12/17	Collne Inc. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Base Score: 6.3

Attack Vector(AV)	Physical (P)	Local (L)	Adjacent (A)	Network (N)
Attack Complexity(AC)	High (H)	Low (L)
Privileges Required(PR)	High (H)	Low (L)	None (N)
User Interaction(UI)	Required (R)	None (N)
Scope(S)	Unchanged (U)	Changed (C)
Confidentiality Impact(C)	None (N)	Low (L)	High (H)
Integrity Impact(I)	None (N)	Low (L)	High (H)
Availability Impact(A)	None (N)	Low (L)	High (H)

CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:P

Base Score: 6.5

Access Vector(AV)	Local (L)	Adjacent Network (A)	Network (N)
Access Complexity(AC)	High (H)	Medium (M)	Low (L)
Authentication(Au)	Multiple (M)	Single (S)	None (N)
Confidentiality Impact(C)	None (N)	Partial (P)	Complete (C)
Integrity Impact(I)	None (N)	Partial (P)	Complete (C)
Availability Impact(A)	None (N)	Partial (P)	Complete (C)

Credit

Shoji Baba reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE	CVE-2015-7791
JVN iPedia	JVNDB-2015-000200

JVN#43344629 Welcart vulnerable to SQL injection