[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
From: "Antonio S.M" <antonio_s_martino@xxxxxxxx>
Date: Wed, 2 Mar 2011 16:26:51 +0000 (GMT)

Hello,
In Prestashop Cartium 1.3.3 I have detected multiple Cross Site Scripting (XSS) 
vulnerabilities:

File                 Field
categoty.php   id_category
product.php     id_product
search.php      search_query 

Test pattern for vulnerable versions:  

"></script>alert(1)</script>

Kind Regards
Antonio San Martino

Prev by Date: CubeCart 2.0.6 SQL injection / Cross Site Scripting
Next by Date: [SECURITY] [DSA 2177-1] pywebdav security update
Previous by thread: CubeCart 2.0.6 SQL injection / Cross Site Scripting
Next by thread: Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
Index(es):
- Date
- Thread