SECUNIA ADVISORY ID: SA22175
VERIFY ADVISORY: http://secunia.com/advisories/22175/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE: From remote
SOFTWARE: CubeCart 2.x - http://secunia.com/product/4021/
DESCRIPTION: HACKERS PAL has discovered some vulnerabilities in CubeCart, which can be exploited by malicious people to conduct cross-site scripting attacks. Some input isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Examples:
http://[host]/admin/nav.php?site_url=[code]
http://[host]/admin/nav.php?la_search_home=[code]
http://[host]/admin/header.inc.php?site_name=[code]
http://[host]/admin/header.inc.php?la_adm_header=[code]
http://[host]/admin/header.inc.php?charset=[code]
http://[host]/footer.inc.php?la_pow_by=[code]
Successful exploitation requires that "register_globals" is enabled. The vulnerabilities have been confirmed in version 2.0.7. Other versions may also be affected.
SOLUTION: The 3.x branch is not affected by the vulnerabilities. Edit the source code to ensure that input is properly sanitised. Set "register_globals" to "Off".
PROVIDED AND/OR DISCOVERED BY: HACKERS PAL
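For sites that cannot upgrade immediately, the script and parameter pairs listed under "Examples" can be used to review web server access logs. The following is an added example, not part of the Secunia advisory or of CubeCart; the log format (common/combined) and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Script path -> parameter names, taken from the advisory's example URLs.
SA22175_PARAMS = {
    "/admin/nav.php": {"site_url", "la_search_home"},
    "/admin/header.inc.php": {"site_name", "la_adm_header", "charset"},
    "/footer.inc.php": {"la_pow_by"},
}

# Request line of a common/combined log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def match_request(target):
    """Return (script, [params]) if the target hits a listed script/parameter pair."""
    parts = urlsplit(target)
    path = parts.path.lower()
    for script, names in SA22175_PARAMS.items():
        # endswith() also covers shops installed below a subdirectory.
        if path.endswith(script):
            sent = parse_qs(parts.query, keep_blank_values=True)
            hits = sorted(names & sent.keys())
            if hits:
                return script, hits
    return None


def scan(lines):
    """Yield (line_number, script, params) for each matching log line."""
    for number, line in enumerate(lines, start=1):
        found = REQUEST_RE.search(line)
        result = match_request(found.group(1)) if found else None
        if result:
            yield number, result[0], result[1]


# Constructed sample lines (documentation addresses, harmless values).
SAMPLE_LOG = [
    '192.0.2.10 - - [29/Sep/2006:03:30:34 -0500] "GET /index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [29/Sep/2006:03:31:02 -0500] "GET /admin/nav.php?site_url=test HTTP/1.1" 200 2048',
    '192.0.2.44 - - [29/Sep/2006:03:31:09 -0500] "GET /shop/admin/header.inc.php?charset=x&site_name=y HTTP/1.1" 200 900',
    '192.0.2.10 - - [29/Sep/2006:03:32:40 -0500] "GET /admin/nav.php HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for number, script, params in scan(SAMPLE_LOG):
        print(f"line {number}: {script} called with {', '.join(params)}")
```

With "register_globals" enabled, PHP also imports POST and cookie values as global variables, and those do not appear in the request line, so an empty result from this scan does not rule out attempts made that way.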
CubeCart Cross-Site Scripting Vulnerabilities
Posted on Friday, September 29, 2006 @ 03:30:34 CDT in Security