|
Vulnerable:NextAge Cart Cross-Site Scripting Vulnerability.=0D
=0D
Venedor site : http://www.nextagecart.com=0D
Critical Level : Dangerous=0D
Exploiting this issue could allow an attacker to steal cookie-based=0D
authentication credentials and to launch other attacks.=0D
=0D
Exploit :=0D
http://www.example.com/[path]/index.php?main=category&sub=product&CatId=[xss]=0D
=0D
http://www.example.com/[path]/index.php?SearchOpt=1&main=search&sub=index&SearchWd=[xss]=0D