SecurityvulnsSECURITYVULNS:DOC:25792PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability
========================================
PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability
- OVERVIEW
The PHPShop 0.8.1 and lower versions are currently vulnerable to Cross
Site Scripting.
- BACKGROUND
PHPShop is a PHP-powered shopping cart application. It is released
under the GNU General Public License.
The primary purpose of PHPShop is to provide a simple shopping cart
solution that is easy to customize to suit any purpose. PHPShop has
less features that many other shopping cart applications, but is
generally easier to customize.
- VULNERABILITY DESCRIPTION
The Query String was not properly sanitized upon submission to the
/index.php url, which allows attacker to conduct Cross Site Scripting
attack.
This may allow an attacker to create a specially crafted URL that
would execute arbitrary script code in a victim's browser.
- VERSIONS AFFECTED
PHP 0.8.1 <=
- PROOF-OF-CONCEPT/EXPLOIT
- SOLUTION
The vendor has discontinued this product.
It is recommended that an alternate software package be used in its place.
- VENDOR
PHPShop Development Team
http://phpshop.org
- CREDIT
This vulnerability was discovered by Aung Khant, http://yehg.net, YGN
Ethical Hacker Group, Myanmar.
- DISCLOSURE TIME-LINE
2011-02-25: vulnerability disclosed
- REFERENCES
Original Advisory URL:
http://yehg.net/lab/pr0js/advisories/[phpshop_0.8.1]_cross_site_scripting
Project Home: http://code.google.com/p/phpshop/,
http://sourceforge.net/projects/phpshop/
PHPShop Download Stats:
http://sourceforge.net/projects/phpshop/files/phpshop/0.8.1/stats/timeline?dates=2010-01-01+to+2010-01-01
XSS (owasp): http://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
CWE-79: http://cwe.mitre.org/data/definitions/79.html
#yehg [2011-02-25]
Best regards,
YGN Ethical Hacker Group
Yangon, Myanmar
http://yehg.net
Our Lab | http://yehg.net/lab
Our Directory | http://yehg.net/hwd