Squirrelcart 3.5.4 Cross Site Scripting

Type packetstorm
Reporter LiquidWorm
Modified 2013-02-20T00:00:00


Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability  
Vendor: Lighthouse Development  
Product web page: http://www.squirrelcart.com  
Affected version: v2.0.0 - 3.5.4  
Summary: Squirrelcart PHP Shopping Cart software is a fully customizable,  
robust php shopping cart, designed with the advanced developer and web  
novice in mind.  
Desc: Squirrelcart suffers from a XSS issue due to a failure to properly  
sanitize user-supplied input to the 'table' GET parameter in the 'index.php'  
script. Attackers can exploit this weakness to execute arbitrary HTML and  
script code in a user's browser session.  
Tested on: Linux, Apache, PHP, MySQL  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
Vendor status:  
[17.02.2013] Vulnerability discovered.  
[19.02.2013] Contact with the vendor.  
[19.02.2013] Vendor responds asking more details.  
[19.02.2013] Sent details to the vendor.  
[19.02.2013] Vendor confirms the vulnerability.  
[19.02.2013] Vendor releases version 3.5.5 to address this issue.  
[19.02.2013] Coordinated public security advisory released.  
Advisory ID: ZSL-2013-5128  
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5128.php  
Vendor ID: SC130218  
Vendor URL: http://www.squirrelcart.com/downloads.php  
Vendor Patch: http://www.squirrelcart.com/index.php?downloads=1&id=123