lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20061014055936.9678.qmail@securityfocus.com>
Date: 14 Oct 2006 05:59:36 -0000
From: security@...orize.com
To: bugtraq@...urityfocus.com
Subject: Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5

Full Disclosure

Armorize Technologies Security Advisory

Advisory No:
Armorize-ADV-2006-0003

Status:
Full

Date:
2006/9/27

Summary:
Armorize-ADV-2006-0003 discloses multiple cross-site scripting vulnerabilities that are found in Zen Cart, which is a PHP e-commerce shopping program and is Built on a foundation of OScommerce GPL code. It provides an easy-to-setup and run online store.

Affected Software:
Zen Cart 1.3.5
Zen Cart 1.3.2

Vulnerability Description:
Cross-Site Scripting

Analysis/Impact:
Privacy leakages from the client-side may lead to session hijacking, identity theft and information theft.

Detection/Exploit(full):
http://www.example.com/[PATH]/login.php
POST variables admin_name and admin_pass are vulnerable.
http://www.example.com/[PATH]/password_forgotten.php
POST variable admin_email is vulnerable.

Protection/Solution:
1. Escape every questionable URI and HTML script.
2. Remove prohibited user input.

Disclosure Timeline:
2006/09/27 Published partial advisory; Notified vendor
2006/09/29 Received request from Ian Wilson of Zen Cart for more details
2006/10/02 Zen Cart released official patch for this vulnerability
2006/10/04 Published full advisory
2006/10/14 Full disclosure at SecurityFocus mailing list

Credit: Security Team at Armorize Technologies, Inc. (security@...orize.com)


Additional Information:
Link to this Armorize advisory
http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0003

Links to all Armorize advisories
http://www.armorize.com/advisory/

Links to Armorize vulnerability database
http://www.armorize.com/resources/vulnerability.php

Armorize Technologies is delivering the world’s most advanced source code analysis solution for Web application security based on its award-winning and patent-pending verification technologies. Addressing security early in the software development life cycle (SDLC), Armorize CodeSecure™ proactively identifies and traces vulnerabilities in Web application source code, effectively hardening websites against today’s ever growing security threats. CodeSecure™’s zero-false-positive accuracy, traceback support and Web 2.0-based interface make it the premium Web application security solution. For more information please visit: http://www.armorize.com.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ