‘ECW Shop Cross-Site Scripting Vulnerability’

Summary

‘This e-commerce PHP/MySQL script suffers from a cross-site scripting vulnerability (CSS/XSS). This can be exploited by including arbitrary HTML or script code in the variable ‘cat’, which will cause it to be executed in a user’s browser session when viewed.’

Credit:

‘The information has been provided by David S. Ferreira.’


Details

Vulnerable systems:
 * ECW Shop version 5.5
 * ECW Shop version 5.01

Exploit:
By using the following URL, http://vulnerablecode/index.php?c=srch&cat=%3Cscript%3Ealert(document.domain);%3C/script%3E, it is possible to recreate the cross site scripting vulnerability on a remote host.’

Categories: UNIX