SunShop Shopping Cart Cross-Site Scripting Vulnerability
BID:12438
Info
SunShop Shopping Cart Cross-Site Scripting Vulnerability
| Bugtraq ID: | 12438 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 03 2005 12:00AM |
| Updated: | Feb 03 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to SmOk3 [[email protected]]. |
| Vulnerable: |
TurnkeyWebTools SunShop Shopping Cart 3.4 RC1 |
| Not Vulnerable: | |
Discussion
SunShop Shopping Cart Cross-Site Scripting Vulnerability
SunShop Shopping Cart is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.
This issue is reported to affect SunShop Shopping Cart version 3.4RC1; earlier versions may also be affected.
SunShop Shopping Cart is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.
This issue is reported to affect SunShop Shopping Cart version 3.4RC1; earlier versions may also be affected.
Exploit / POC
SunShop Shopping Cart Cross-Site Scripting Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
SunShop Shopping Cart Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
SunShop Shopping Cart Cross-Site Scripting Vulnerability
References:
References:
- SunShop Shopping Cart Homepage (TurnkeyWebTools)
- SunShop Shopping Cart SS#25012005 (SystemSecure.org)