SQL_Injection issue exists @ website/cart/action.php in branch master
Method <?php at line 1 of website\cart\action.php gets user input from the _POST element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in a database query in method add_coupon at line 12 of website\include\cart.php. This may enable an SQL Injection attack.
Severity: High
CWE:89
Vulnerability details and guidance
Checkmarx
Lines: 71 104 31
Code (Line #71):
Code (Line #104):
Code (Line #31):