Squirrelcart 3.5.4 Cross Site Scripting Vulnerability

ID 1337DAY-ID-20405
Type zdt
Reporter LiquidWorm
Modified 2013-02-20T00:00:00


Squirrelcart version 3.5.4 suffers from a reflective cross site scripting vulnerability.

                                            Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability

Vendor: Lighthouse Development
Product web page: http://www.squirrelcart.com
Affected version: v2.0.0 - 3.5.4

Summary: Squirrelcart PHP Shopping Cart software is a fully customizable,
robust php shopping cart, designed with the advanced developer and web
novice in mind.

Desc: Squirrelcart suffers from a XSS issue due to a failure to properly
sanitize user-supplied input to the 'table' GET parameter in the 'index.php'
script. Attackers can exploit this weakness to execute arbitrary HTML and
script code in a user's browser session.

Tested on: Linux, Apache, PHP, MySQL

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

Vendor status:

[17.02.2013] Vulnerability discovered.
[19.02.2013] Contact with the vendor.
[19.02.2013] Vendor responds asking more details.
[19.02.2013] Sent details to the vendor.
[19.02.2013] Vendor confirms the vulnerability.
[19.02.2013] Vendor releases version 3.5.5 to address this issue.
[19.02.2013] Coordinated public security advisory released.

Advisory ID: ZSL-2013-5128
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5128.php

Vendor ID: SC130218
Vendor URL: http://www.squirrelcart.com/downloads.php
Vendor Patch: http://www.squirrelcart.com/index.php?downloads=1&id=123



#  0day.today [2018-02-09]  #