digiSHOP cart.php Multiple Variable XSS

2006-10-01T08:04:06
ID OSVDB:29460
Type osvdb
Reporter OSVDB
Modified 2006-10-01T08:04:06

Description

Manual Testing Notes

http://[target]/[path]/cart.php?m=product_list&pageNumber=&c=190&v=[&sortBy=[xss]&search=[xss]

References:

Vendor URL: http://digishop.sumeffect.com/ Secunia Advisory ID:22086 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0015.html Mail List Post: http://www.securityfocus.com/archive/1/archive/1/447506/100/0/threaded ISS X-Force ID: 29309 FrSIRT Advisory: ADV-2006-3889 CVE-2006-5164 Bugtraq ID: 20297