OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
BID:12568
Info
OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 12568 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 15 2005 12:00AM |
| Updated: | Feb 15 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to "John Cobb" <[email protected]>. |
| Vulnerable: |
osCommerce osCommerce 2.2 ms2 |
| Not Vulnerable: | |
Discussion
OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks.
This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in osCommerce version 2.2-MS2, other versions might also be affected.
A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks.
This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.
This vulnerability is reported to exist in osCommerce version 2.2-MS2, other versions might also be affected.
Exploit / POC
OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
No exploit is required, the following example is available:
http://www.example.com/contact_us.php?&name=1&email=1&enquiry=%3C/textarea%3E%3Cscript%3Ealert('w00t');%3C/script%3E
No exploit is required, the following example is available:
http://www.example.com/contact_us.php?&name=1&email=1&enquiry=%3C/textarea%3E%3Cscript%3Ealert('w00t');%3C/script%3E
Solution / Fix
OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
OSCommerce Contact_us.PHP Cross-Site Scripting Vulnerability
References:
References:
- osCommerce Homepage (osCommerce)
- [NOBYTES.COM: #3] osCommerce 2.2-MS2 - XSS Vulnerability ("John Cobb"