Archive for October 6th, 2010

TomatoCart 1.0.1 (json.php) Remote Cross-Site Scripting Vulnerability

TomatoCart version 1.0.1 suffers from a XSS vulnerability because input passed via the “action” parameter to json.php script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

Vendor status:
[01.10.2010] Vulnerability discovered.
[02.10.2010] Vendor contacted.
[05.10.2010] No reply from vendor.
[06.10.2010] Public advisory released.

Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4968.php