Bugtraq mailing list archives

Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)

From: "Antonio S.M" <antonio_s_martino () yahoo es>
Date: Wed, 2 Mar 2011 16:26:51 +0000 (GMT)

Hello,
In Prestashop Cartium 1.3.3 I have detected multiple Cross Site Scripting (XSS) 
vulnerabilities:

File                 Field
categoty.php   id_category
product.php     id_product
search.php      search_query 

Test pattern for vulnerable versions:  

"></script>alert(1)</script>

Kind Regards
Antonio San Martino

Current thread:

Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) Antonio S.M (Mar 02)
- <Possible follow-ups>
- Re: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS) mike (Mar 03)