[23552] in bugtraq
Aktivate Shopping System Cross Site Scripting Vulnerability
daemon@ATHENA.MIT.EDU (Tamer Sahin)
Tue Dec 18 22:23:05 2001
Message-ID: <001001c187cb$0a81e3c0$ce9c2bd5@ts>
Reply-To: "Tamer Sahin" <ts@securityoffice.net>
From: "Tamer Sahin" <ts@securityoffice.net>
To: <bugtraq@securityfocus.com>
Date: Tue, 18 Dec 2001 15:51:05 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Aktivate Shopping System Cross Site Scripting Vulnerability
Type:
Cross Site Scripting
Release Date:
December 18, 2001
Product / Vendor:
Aktivate is a complete, end-to-end e-commerce solution aimed at Linux
and other Unices. Aktivate is targeted at small to medium sized
businesses or charities who want to accept credit card payments over
the web.
http://www.allen-keul.com/aktivate/
Summary:
Cross Site Scripting, most dynamic websites are still not filtering
user input. This lets remote sites access to write scripts on
vulnerable sites & application, stealing cookies, performing actions
on behalf of user or modifying look of content on site.
https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551
089&desc=<IMG%20height=47%20src="http://www.tamersahin.net/images/titl
e.gif"%20width=406%20border=0>
https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551
089&desc=<script>alert(document.domain)</script>
Tested:
Aktivate 1.03
Vulnerable:
Aktivate 1.03 (And may be other)
Disclaimer:
http://www.securityoffice.net is not responsible for the misuse or
illegal use of any of the information and/or the software listed on
this security advisory.
Author:
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net
Tamer Sahin
http://www.securityoffice.net
PGP Key ID: 0x2B5EDCB0 Fingerprint:
B96A 5DFC E0D9 D615 8D28 7A1B BB8B A453 2B5E DCB0
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPB8tqbuLpFMrXtywEQJktwCffYHreLWusnX9YMu9UIDUKON681QAniVK
BzejAgaDcm9KT67ogfMZD75z
=bEZi
-----END PGP SIGNATURE-----
