Unfixed XSS vulnerability at www.laptopman.co.za

2011-04-24T00:00:00
ID XSSED:72838
Type xssed
Reporter nullbyt3
Modified 2011-11-12T00:00:00

Description

Security researcher nullbyt3, has submitted on 24/04/2011 a cross-site-scripting (XSS) vulnerability affecting www.laptopman.co.za, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.laptopman.co.za/laptops-sales-rentals/buy_now.php?id=95930%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&brand=TOSHIBA&safe_id=L655-14F&product=TOSHIBA%20Satellite%20L655%20Core%20i5-450M%20%282.402.66%20GHz%20Turbo%29%201066MHz,%202GB%20DDR3%20%281066MHz%29,%201GB%20DDR3%20%281066MHz%29%202nd%20MEM,%20500GB%285400rmp%29%20SATA,%2015.6%20inch%20%20HD%20200%20CSV%20LD%20DVD-SuperMulti%20+-R%20DL%28SATA%29,%20ATI%20Madison-LP%201GB%28DDR3%29,%20Broadcom%20802.11%28bgn%29BCM94313,%20BT%20V2.1+EDR,%20VGA%20%280.3Mpix%29%20wo%20auto%20macro%20%28wMic%29,%2010100MBit,%206%20Cell%20-%204400,%20Win7%2064bit%20Home%20Premium,%20Flat%20KB%20Half%20Glossy%20Black,%201%20Year%20Collect%20Repair%20and%20Return%20Warranty,%20Modena%20Red