ECW Shop Index.PHP Cross Site Scripting Vulnerability

info
discussion
exploit
solution
references

ECW Shop Index.PHP Cross Site Scripting Vulnerability

ECW Shop is prone to a cross-site scripting vulnerability. This issue is due to a lack of proper sanitization of user-supplied input.

This type of exploitation could allow for theft of cookie-based authentication credentials; other attacks are also possible.