[38622] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[HSC Security Group] Comersus v6 Script injection

daemon@ATHENA.MIT.EDU (Zinho)
Wed Apr 27 13:57:17 2005

Date: 26 Apr 2005 19:22:14 -0000
Message-ID: <20050426192214.1364.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Zinho <zinho@hackerscenter.com>
To: bugtraq@securityfocus.com



Hackers Center Security Group (http://www.hackerscenter.com/)      
Zinho's Security Advisory       


Title: Comersus v6 Shopping Cart Sever Script injection 
Risk: High    
    


Comersus is one of the most used Shopping Cart software written in asp, available for  *nix and windows platforms. 


A critical script injection can lead to admin privileges stealing: 

Proof of concept: By registering on the site with username:  
" Tommy &lt;script&gt;alert(document.cookie)&lt;/script&gt; " 

the script will be executed in all the pages in which Tommy's account is listed. Among  the other also in the admin pages. 
Being comersus a shopping cart script, this is reported as a high risk level issue 



Author:       
Zinho is webmaster and founder of http://www.hackerscenter.com ,   Security research    portal     
Secure Web Hosting Companies Reviewed:    
http://www.securityforge.com/web-hosting/secure-web-hosting.asp    

zinho-no-spam @ hackerscenter.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[38622] in bugtraq

[HSC Security Group] Comersus v6 Script injection

daemon@ATHENA.MIT.EDU (Zinho)Wed Apr 27 13:57:17 2005

daemon@ATHENA.MIT.EDU (Zinho)
Wed Apr 27 13:57:17 2005