TomatoCart version 1.1.8.6.1 suffers from a cross site scripting vulnerability.
79fa551178c89cd026702176897012baab890d8c7eba697d2cb60aa11162509cTitle: TomatoCart-1.1.8.6.1 InMemory products.php CompareNow XSS
Severity: High
CVE-ID: To Be Assigned
Release Date: 20 September 2014
Author: Kenneth F. Belva
Websites: http://silverbackventuresllc.com
http://xssWarrior.com
http://securitymaverick.com
Twitter: @infosecmaverick
Contact: Please use website contact form.
Mail:
URL: http://sourceforge.net/projects/tomatocart/
Vendor:
Remote Exploit: Yes
Discovered with: xssWarrior - http://xssWarrior.com
Description:
============
An attacker inputs the code on the products.php page via the cid variable. When the victim uses the CompareNow functionality, the XSS code stored in memory executes.
Proof of Concept :
==================
http://[domain]/TomatoCart-1.1.8.6.1/TomatoCart-v1-released-v1.1.8.6.1/products.php?1&cid=1&cid=[code]&action=compare_products_add
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed