2 matches found
jCart 1.1 Cross Site Request Forgery / Cross Site Scripting
additem$itemid, $itemqty, $itemprice, $itemname; ------------------------- User-supplied input for variable $itemname isn't properly escaped. Proof-of-Concept: -- alertdocument.cookie" type="hidden" document.getElementById'payload'.click...
jCart 1.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery/Open Redirect Vulnerabilities
additem$itemid, $itemqty, $itemprice, $itemname; ------------------------- User-supplied input for variable $itemname isn't properly escaped. Proof-of-Concept: -- alertdocument.cookie" type="hidden" document.getElementById'payload'.click !-- Vulnerable code snippet jcart-gateway.php:...