[UNIX] Aktivate Shopping System Cross-Site Scripting Vulnerability
From: support@securiteam.com
Date: 12/20/01
From: support@securiteam.com
To: list@securiteam.com
Date: Thu, 20 Dec 2001 17:53:51 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Aktivate Shopping System Cross-Site Scripting Vulnerability
------------------------------------------------------------------------
SUMMARY
<http://www.allen-keul.com/aktivate/> Aktivate is a complete, end-to-end
e-commerce solution aimed at Linux and other UNIXes. Aktivate is targeted
at small to medium sized businesses or charities who want to accept credit
card payments over the web. A security vulnerability in the product allows
attackers to inject HTML and JavaScript code into an existing web page
served by the application.
DETAILS
Vulnerable systems:
Aktivate version 1.03
This vulnerability allows an attacker to run script in the context of the
vulnerable site and application, steal cookies, perform actions on behalf
of a user, or modify the appearance of content on the site.
Example:
https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<IMG%20height=47%20src="http://www.tamersahin.net/images/title.gif"%20width=406%20border=0>
https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert(document.domain)</script>
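As an added illustration (not code from the advisory or from the Aktivate project), the following Python models the reflection the advisory describes: a hypothetical page template that drops the `desc` query parameter from the two example URLs into the HTML unescaped, beside the same template with HTML escaping applied, plus a small log-review check that flags requests whose decoded parameters carry raw markup. Only the URLs come from the advisory; the template string, `render_vulnerable`, `render_fixed` and `flag_request` are assumptions made for this example and do not describe catgy.cgi's actual source.

```python
import html
from urllib.parse import urlsplit, parse_qs

# The two request URLs quoted in the advisory, joined onto single lines.
ADVISORY_URLS = [
    'https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089'
    '&desc=<IMG%20height=47%20src="http://www.tamersahin.net/images/title.gif"'
    '%20width=406%20border=0>',
    "https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089"
    "&desc=<script>alert(document.domain)</script>",
]


def query_params(url):
    """Decode the query string into {name: first_value}, keeping empty values."""
    parsed = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {name: values[0] for name, values in parsed.items()}


def render_vulnerable(desc):
    """Hypothetical stand-in for the behaviour the advisory reports: the
    parameter is dropped straight into the HTML, so any tags in it become
    live markup in the victim's browser."""
    return "<h2>Category: %s</h2>" % desc


def render_fixed(desc):
    """Same template, but the value is HTML-escaped (quotes included) before
    insertion, so it can only ever render as text."""
    return "<h2>Category: %s</h2>" % html.escape(desc, quote=True)


def flag_request(url):
    """Log-review helper (an assumption, not part of Aktivate): return the
    names of query parameters whose decoded value contains raw angle
    brackets, a cheap signal worth reviewing in web server access logs."""
    return [name for name, value in query_params(url).items()
            if "<" in value or ">" in value]


if __name__ == "__main__":
    for url in ADVISORY_URLS:
        desc = query_params(url)["desc"]
        print("unescaped :", render_vulnerable(desc))
        print("escaped   :", render_fixed(desc))
        print("flagged   :", flag_request(url))
```

Escaping at the point of output is the fix that matters here; the `flag_request` check is only a triage aid for the access logs and will miss encodings the decoder does not undo, so it should not be mistaken for a filter.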
ADDITIONAL INFORMATION
The information has been provided by <mailto:ts@securityoffice.net> Tamer Sahin.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
========================================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.