StaticStore Search Engine Friendly E-Commerce XSS
Vuln. discovered by : r0t Date: 15 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/staticstore-search-engine-friendly-e.html vendor:www.staticstore.com affected version:1.189A and prior
StaticStore is a full store and online catalog builder complete with a browser based store manager for categorizing, adding, copying, moving, editing, and deleting products from your product database. Static search engine friendly HTML pages are then created from the MySQL product database. StaticStore is a robust store and online catalog builder and is able to categorize and build hundreds of product categories and thousands of static search engine friendly HTML product pages. StaticStore will allow you to categorize and start adding products immediately upon installation. StaticStore is truly the most "search engine friendly" and "user friendly" store and online catalog builder available in the market today.
StaticStore contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to parameter in "search.cgi" isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
Solution: Edit the source code to ensure that input is properly sanitised.