Hello, My clients control scan won't pass because I need to not allow the use of "admin" as a user name. What can I do to add this so my client can pass. I'm so frustrated and want to get her to pass.
Hello, My clients control scan won't pass because I need to not allow the use of "admin" as a user name. What can I do to add this so my client can pass. I'm so frustrated and want to get her to pass.
Here is what Control Scan says I need to do.
This is what they are saying I have to fix in order to pass.
THREAT REFERENCE
Summary:
Blind SQL injection vulnerability in utm_source parameter to /cc-skye/
Risk: High (3)
Port: 80/tcp
Protocol: tcp
Threat ID: web_prog_sql_blind
Details: When a web application uses user-supplied input parameters
within SQL queries without first checking them for unexpected
characters, it becomes possible for an attacker to
manipulate the query. This type of attack is known as a
SQL injection attack.
For example, suppose a web program passes the following
query to the database application:
SELECT * FROM USERS WHERE USERNAME='$user' AND PASSWORD='$pass'
where $user and $pass are variables supplied by the user through a web form.
So if the user were to enter the name "admin" and the password "abc", the query would become:
SELECT * FROM USERS WHERE USERNAME='admin' AND PASSWORD='abc'
and the database would return any existing record where the username is "admin" and the password is "abc", thus authenticating
the user if the password "abc" is correct. Now suppose an attacker were to enter a malformed password such as the following:
' OR 'a'='a
Inserting the malformed password into the query exactly as
it appears above would cause the query to become:
SELECT * FROM USERS WHERE USERNAME='admin' AND PASSWORD='' OR 'a'='a'
The resulting query would return the records where the username
is "admin" and the password is null OR the string 'a' equals 'a', which is always true.
Thus, by manipulating the SQL query, all records are returned from the table
without having known the correct password.
This is just one example of an attack which is possible
using SQL injection. Other forms of attacks could allow
the attacker to gain unauthorized read, write, or delete
access to the database, or to retrieve passwords.
There are also security bypass vulnerabilities which allow for the
bypass of anti-sql-injection filters in the software.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.