[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NextAge Cart Cross-Site Scripting multiple Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: NextAge Cart Cross-Site Scripting multiple Vulnerabilities
From: meto5757@xxxxxxxxxxx
Date: 15 Sep 2006 15:37:16 -0000

Vulnerable:NextAge Cart Cross-Site Scripting Vulnerability.

Venedor site : http://www.nextagecart.com
Critical Level : Dangerous
Exploiting this issue could allow an attacker to steal cookie-based
authentication credentials and to launch other attacks.

Exploit :
http://www.example.com/[path]/index.php?main=category&sub=product&CatId=[xss]

http://www.example.com/[path]/index.php?SearchOpt=1&main=search&sub=index&SearchWd=[xss]

Prev by Date: Site@School 2.4.02 and below Multiple remote Command Execution Vulnerabilities
Next by Date: [ECHO_ADV_47$2006] WAP Y! Messenger Cross-Site Scripting Vulnerability
Previous by thread: Site@School 2.4.02 and below Multiple remote Command Execution Vulnerabilities
Next by thread: [ECHO_ADV_47$2006] WAP Y! Messenger Cross-Site Scripting Vulnerability
Index(es):
- Date
- Thread