SunShop Shopping Cart User-Embedded Scripting Vulnerability

SunShop is commercial web store software. It is written in PHP, and will run on most Unix and Linux operating systems as well as Microsoft Windows.

SunShop allows attackers to embed arbitrary script code into form fields. This may enable a remote attacker to perform actions as the administrative user of the shopping cart.


Privacy Statement
Copyright 2010, SecurityFocus