TUCoPS :: Web :: e-commerce, shopping carts :: b06-3449.htm

Shopping Cart V0.9
Shopping Cart V0.9
Shopping Cart V0.9



Shopping Cart V0.9=0D
=0D
Homepage:=0D
http://glendown.de/shop/=0D 
=0D
Affected files:=0D
=0D
index.php=0D
editshop.php=0D
edititem.php=0D
-----------------------------------------=0D
=0D
XSS vuln on editshop.php & edititem.php:=0D
=0D
Data isn't sanatized before being entered. For a PoC as a shop name or item enter in:=0D
=0D
=0D
=0D
The shop names also appear on index.php, so it's affected here too.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH