Executive Summary

This alert is flagged under the CWE/SANS Top 25 Most Dangerous Software Errors: one of its two weaknesses, CWE-79 (cross-site scripting), is a Top 25 entry.
Summary

Title: X-Cart contains multiple vulnerabilities

Information

Name: VU#924124
Vendor: VU-CERT
Severity (Vendor): N/A
First vendor publication: 2015-04-02
Last vendor modification: 2015-04-02
Revision: M

Security-Database Scoring CVSS v3

CVSS vector: N/A (no CVSS v3 vector was published for this alert)
Overall CVSS score: N/A
Base score: N/A
Impact subscore: N/A
Exploitability subscore: N/A
Temporal score: N/A
Environmental score: N/A

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS base score: 6.5
CVSS impact subscore: 6.4
CVSS exploitability subscore: 8.0
Attack range: Network
Attack complexity: Low
Authentication: Requires single instance

Detail

Vulnerability Note VU#924124

X-Cart contains multiple vulnerabilities

Original Release date: 02 Apr 2015 | Last revised: 02 Apr 2015

Overview

X-Cart versions 5.1.6 through 5.1.10 are vulnerable to cross-site scripting (XSS), and versions 5.1.10 and below are vulnerable to authorization bypass.

Description

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - CVE-2015-0950

X-Cart versions 5.1.6 through 5.1.10 contain a reflected cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script via the "substring" query string parameter of admin.php; the injected script is reflected into the page that admin.php generates for the request.

CWE-639: Authorization Bypass Through User-Controlled Key - CVE-2015-0951

X-Cart versions 5.1.10 and below contain an insecure direct object reference vulnerability. An attacker can obtain or delete address data associated with other user accounts by manipulating parameters in requests to update or remove addresses. The CVSS score below reflects this issue.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary script in the context of the end-user's browser session. A remote, authenticated attacker may be able to obtain or remove data associated with other users' accounts.

Solution

Apply an update

The vendor has released X-Cart 5.1.11 to address the vulnerabilities. Users are advised to upgrade.
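The following is an added example, not code from the CERT/CC note or from X-Cart, covering two checks a practitioner would want after reading this note: whether a given X-Cart 5.x version string falls in the affected ranges stated above (XSS in 5.1.6 through 5.1.10, authorization bypass in 5.1.10 and below, both fixed in 5.1.11), and a pass over web-server access logs for requests to admin.php whose "substring" parameter carries script-like content. The log lines are constructed for the example (they are not real traffic), and the set of script markers and the combined-log-format layout are assumptions; the note itself names only the parameter and the script, not any payload.

```python
import re
import urllib.parse

# Affected ranges as stated in VU#924124. Only the 5.x line is described there,
# so other major versions are reported as not covered by this check.
FIXED = (5, 1, 11)              # first release carrying both fixes
XSS_FIRST_AFFECTED = (5, 1, 6)  # CVE-2015-0950 starts here; CVE-2015-0951 is "5.1.10 and below"


def parse_version(text):
    """'5.1.10' -> (5, 1, 10); tuples compare numerically, so 5.1.10 > 5.1.6."""
    return tuple(int(part) for part in text.strip().split("."))


def affected_issues(version):
    """Return the CVE IDs from VU#924124 that apply to an X-Cart 5.x version string."""
    v = parse_version(version)
    if v[0] != 5 or v >= FIXED:
        return []
    issues = []
    if v >= XSS_FIRST_AFFECTED:
        issues.append("CVE-2015-0950")
    issues.append("CVE-2015-0951")
    return issues


# Constructed access-log lines in combined log format (not real traffic).
# Lines 1 and 4 carry script payloads in admin.php's "substring" parameter;
# line 4 is double URL-encoded. Line 3 targets a different script and is out of scope.
SAMPLE_LOG = [
    '10.0.0.5 - - [03/Apr/2015:10:15:02 +0000] "GET /admin.php?substring=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [03/Apr/2015:10:16:41 +0000] "GET /admin.php?substring=blue+shirt HTTP/1.1" 200 4888 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [03/Apr/2015:10:17:09 +0000] "GET /cart.php?substring=%3Cscript%3E HTTP/1.1" 200 2200 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [03/Apr/2015:10:18:30 +0000] "GET /admin.php?substring=%253Cimg%2520src%3Dx%2520onerror%3Dalert(1)%253E HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')
# Assumed markers of script injection; tune these to your own false-positive rate.
SCRIPT_MARKERS = re.compile(
    r"<\s*/?\s*(?:script|img|svg|iframe|body)\b|javascript:|\bon[a-z]+\s*=",
    re.IGNORECASE,
)


def suspicious_substring_requests(log_lines):
    """Return (client_ip, decoded_value) for admin.php requests whose "substring"
    parameter looks like a script payload. parse_qs decodes once; a second
    unquote_plus pass catches double-encoded values."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urllib.parse.urlsplit(m.group("target"))
        if url.path.rsplit("/", 1)[-1] != "admin.php":
            continue
        params = urllib.parse.parse_qs(url.query, keep_blank_values=True)
        for raw in params.get("substring", []):
            decoded = urllib.parse.unquote_plus(raw)  # second decode pass
            if SCRIPT_MARKERS.search(decoded):
                hits.append((line.split(" ", 1)[0], decoded))
    return hits


if __name__ == "__main__":
    print("5.1.8 affected by:", affected_issues("5.1.8"))
    for ip, value in suspicious_substring_requests(SAMPLE_LOG):
        print(f"{ip}: {value!r}")
```

The version check is only a triage aid: it tells you which of the two CVEs a reported version falls under, not whether a site has been modified or patched out of band. The log pass is scoped to admin.php because that is the only affected script the note names; widening it to every script would raise noise without support from the advisory.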

Vendor Information

Vendor: X-Cart
Status: Affected
Date Notified: 03 Feb 2015
Date Updated: 02 Apr 2015

CVSS Metrics

Group          Score   Vector
Base           6.5     AV:N/AC:L/Au:S/C:P/I:P/A:P
Temporal       4.8     E:POC/RL:OF/RC:UR
Environmental  3.6     CDP:N/TD:M/CR:ND/IR:ND/AR:ND

References

  • http://www.x-cart.com/
  • https://blog.x-cart.com/5-1-11-released.html
  • http://cwe.mitre.org/data/definitions/79.html
  • http://cwe.mitre.org/data/definitions/639.html

Credit

Thanks to Yasser Ali for reporting this vulnerability.

This document was written by Joel Land.

Other Information

  • CVE IDs: CVE-2015-0950, CVE-2015-0951
  • Date Public: 02 Apr 2015
  • Date First Published: 02 Apr 2015
  • Date Last Updated: 02 Apr 2015
  • Document Revision: 13

Original Source

Url : http://www.kb.cert.org/vuls/id/924124

CWE : Common Weakness Enumeration

  • 50 % CWE-264 Permissions, Privileges, and Access Controls
  • 50 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type: Application
Count: 18

Alert History

Date / Information
2015-04-06 21:30:52
  • Multiple Updates
2015-04-05 09:29:48
  • Multiple Updates
2015-04-03 05:24:34
  • First insertion