• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor Web Shopping Cart Hidden Form Field Vulnerability

Solution:
As this problem affects multiple products, check your vendors homepage for solution information.

In the ISS advisory the following products are listed as having been fixed:

@Retail (http://www.atretail.com)
Cart32 2.6 (http://www.cart32.com)
CartIt 3.0 (http://www.cartit.com)
Make-a-Store OrderPage (http://www.make-a-store.com)
SalesCart (http://www.salescart.com)
SmartCart (http://www.smartcart.com)
Shoptron 1.2 (http://www.shoptron.com)

Cart32 version3.0 is still vulnerable.