PayProCart invite.php ShortDesc Variable XSS

2005-04-12T01:11:26
ID OSVDB:15540
Type osvdb
Reporter sNKenjoi (snkenjoi@gmail.com)
Modified 2005-04-12T01:11:26

Description

Vulnerability Description

PayProCart contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate or encode the 'ShortDesc' parameter submitted to the tplates/invite.php script before reflecting it into the returned page. A remote attacker could craft a URL that, when followed by a user, executes arbitrary script code in that user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

PayProCart reflects the unvalidated 'ShortDesc' parameter of tplates/invite.php into the page, allowing remote cross-site scripting via a crafted URL.

Manual Testing Notes

http://[victim]/tplates/invite.php?ProdID=f00b4r&ShortDesc=</TEXTAREA>[XSS]
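The reflection described in the Vulnerability Description and exercised by the test URL above, modelled as an added example. This is not PayProCart's code: invite.php's source is not on this page, so the model assumes that ShortDesc is echoed inside a <textarea>, which is what the </TEXTAREA> prefix of the test URL implies. It shows why that prefix is needed (a script tag left inside the textarea is inert), what the output-encoding fix looks like (the equivalent of PHP's htmlspecialchars with ENT_QUOTES), and a context-aware check that reports whether an injected script tag actually lands outside the textarea. The probe string, the example.com host and the page layout are constructed for the example; a real request must percent-encode the payload, which the advisory's URL shows unencoded.

```python
"""Model of the ShortDesc reflection in PayProCart's tplates/invite.php.

Added example, NOT PayProCart's code: invite.php's source is not on this
page. ASSUMPTION: the parameter is echoed inside a <textarea>, which is
what the </TEXTAREA> prefix of the manual test URL implies.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed probe standing in for the advisory's [XSS] placeholder.
PROBE = '<script>alert("osvdb15540")</script>'
# Same shape as the manual test: close the textarea first, then inject.
PAYLOAD = "</TEXTAREA>" + PROBE
# Hypothetical target host; the advisory writes it as http://[victim]/.
BASE_URL = "http://example.com/tplates/invite.php"


def build_probe_url(base, prod_id, short_desc):
    """Percent-encode the query; '<', '>' and '/' in the raw test URL would
    otherwise be mangled or rejected by many clients and servers."""
    return base + "?" + urlencode({"ProdID": prod_id, "ShortDesc": short_desc})


def server_params(url):
    """What the application sees after the web server decodes the query."""
    return parse_qs(urlsplit(url).query)


def _page(prod_id, short_desc):
    """Minimal stand-in for the invite template (assumed layout)."""
    return (
        '<html><body><form method="post">'
        f'<input type="hidden" name="ProdID" value="{prod_id}">'
        f'<textarea name="ShortDesc">{short_desc}</textarea>'
        "</form></body></html>"
    )


def render_invite_vulnerable(params):
    """Assumed flaw: query values echoed verbatim into the page."""
    return _page(params.get("ProdID", [""])[0], params.get("ShortDesc", [""])[0])


def render_invite_fixed(params):
    """Fix: HTML-encode on output, the equivalent of PHP's
    htmlspecialchars($v, ENT_QUOTES). '<' becomes '&lt;', so the injected
    '</TEXTAREA>' can no longer close the element."""
    return _page(
        escape(params.get("ProdID", [""])[0], quote=True),
        escape(params.get("ShortDesc", [""])[0], quote=True),
    )


class _ScriptContext(HTMLParser):
    """Records whether a <script> start tag occurs outside every <textarea>.

    Browsers do not parse textarea content as markup, so a script tag that
    stays inside it is inert; one that follows a closing </textarea> is
    live. Depth is tracked explicitly so the verdict does not depend on
    whether this Python version already treats textarea as raw text."""

    def __init__(self):
        super().__init__()
        self.textarea_depth = 0
        self.live_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "textarea":
            self.textarea_depth += 1
        elif tag == "script" and self.textarea_depth == 0:
            self.live_script = True

    def handle_endtag(self, tag):
        if tag == "textarea" and self.textarea_depth > 0:
            self.textarea_depth -= 1


def script_executes(body):
    """True if the response would run an injected <script> in the browser."""
    p = _ScriptContext()
    p.feed(body)
    p.close()
    return p.live_script


def probe(render, short_desc):
    """Send one crafted URL through a renderer and report whether it fires."""
    params = server_params(build_probe_url(BASE_URL, "f00b4r", short_desc))
    return script_executes(render(params))


if __name__ == "__main__":
    print("vulnerable, no break-out :", probe(render_invite_vulnerable, PROBE))
    print("vulnerable, </TEXTAREA>  :", probe(render_invite_vulnerable, PAYLOAD))
    print("fixed, </TEXTAREA>       :", probe(render_invite_fixed, PAYLOAD))
```

Against the vulnerable renderer only the payload that first closes the textarea fires; with output encoding in place the same payload is rendered as literal text and nothing fires. The same context-tracking check can be fed real HTTP responses when confirming the issue against a live installation.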

References:

Vendor URL: http://www.profitcode.net/
Other Advisory URL: http://www.snkenjoi.com/secadv/secadv1.txt