Home page logo
/

bugtraq logo Bugtraq mailing list archives

Shopping Cart V0.9
From: luny () youfu**ktard com
Date: 5 Jul 2006 04:02:39 -0000

Shopping Cart V0.9

Homepage:
http://glendown.de/shop/

Affected files:

index.php
editshop.php
edititem.php
-----------------------------------------

XSS vuln on editshop.php & edititem.php:

Data isn't sanatized before being entered. For a PoC as a shop name or item enter in:

<script>alert('xss')</script>

The shop names also appear on index.php, so it's affected here too.


  By Date           By Thread  

Current thread:
  • Shopping Cart V0.9 luny (Jul 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault