Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13429
HistoryJul 06, 2006 - 12:00 a.m.

Shopping Cart V0.9

2006-07-0600:00:00
vulners.com
8
JSON

Shopping Cart V0.9

Homepage:
http://glendown.de/shop/

Affected files:

index.php
editshop.php
edititem.php

XSS vuln on editshop.php & edititem.php:

Data isn't sanatized before being entered. For a PoC as a shop name or item enter in:

<script>alert('xss')</script>

The shop names also appear on index.php, so it's affected here too.

JSON