Информационная безопасность
[RU] switch to English

Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  Bitweaver source code disclosure, arbitrary file upload

  milliscripts (dir.php) Cross-Site Scripting Vulnerability

  Instant Softwares DatingSite SQL Injection

  [HSC Security Group] Multiple CSRF in Joomla all versions - Complete compromise

From:Hackers Center Security Group <DoZ_(at)_hackerscenter.com>
Date:2 января 2008 г.
Subject:LiveCart Multiple Cross-Site Scripting Vulnerabilities

[HSC] LiveCart Multiple Cross-Site Scripting Vulnerabilities

LiveCart is a new PHP/MySQL powered shopping cart software developed by
Integry Systems.
An attacker may leverage this issue to have arbitrary script code execute in
the browser
of an unsuspecting user in the context of the affected site. This may help
the attacker
steal cookie-based authentication credentials and launch other attacks.

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Risk: Medium
Class: Input Validation Error
Remote: YES

Vendor: http://livecart.com
Version: 1.0.1

* Attackers can exploit these issues via a web client.

Exploit Path:





Reference: http://www.hackerscenter.com/archive/view.asp?id=28144

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород