osCMax 2.5 - '/admin/geo_zones.php?zID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...

oscommerce-xss.txt

Oscommerce Multiple XSS in admin section. Vendor url:Http://www.oscommerce.com Advisore:http://lostmon.blogspot.com/2006/11/ oscommerce-multiple-xss-in-admin.html Vendor notify:YES Exploit available: YES osCommerce contains a flaw that allows a remote cross site scripting attack.This flaw exists...