Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14345
HistorySep 20, 2006 - 12:00 a.m.

NextAge Cart Cross-Site Scripting multiple Vulnerabilities

2006-09-2000:00:00
vulners.com
21
JSON

Vulnerable:NextAge Cart Cross-Site Scripting Vulnerability.

Venedor site : http://www.nextagecart.com
Critical Level : Dangerous
Exploiting this issue could allow an attacker to steal cookie-based
authentication credentials and to launch other attacks.

Exploit :
http://www.example.com/[path]/index.php?main=category&sub=product&CatId=[xss]

http://www.example.com/[path]/index.php?SearchOpt=1&main=search&sub=index&SearchWd=[xss]

JSON