Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2002-2362

Publish Date: 23 Oct 2002

Author: qber66

                source: http://www.securityfocus.com/bid/6035/info

MyMarket is prone to cross-site scripting attacks.

HTML tags and script code are not sanitized from CGI variables which may cause user-supplied input to be displayed. As a result, an attacker can create a link to a site running the vulnerable software which contains malicious attacker-supplied HTML and script code.

When this link is visited, the attacker-supplied code will execute in the user's web client in the security context of the site hosting the software. 

http://www.example.com/templates/form_header.php?noticemsg=&lt;Script&gt;javascript:alert(document.cookie)&lt;/Script&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting

Vulmon Search

About

Products

Connect