Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability
Title: Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability
Advisory ID: ZSL-2013-5128
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (2/5)
Release Date: 19.02.2013
[19.02.2013] Contact with the vendor.
[19.02.2013] Vendor responds asking more details.
[19.02.2013] Sent details to the vendor.
[19.02.2013] Vendor confirms the vulnerability.
[19.02.2013] Vendor releases version 3.5.5 to address this issue.
[19.02.2013] Coordinated public security advisory released.
[2] http://www.squirrelcart.com/index.php?downloads=1&id=123
[3] http://www.securityfocus.com/bid/58025
[4] http://packetstormsecurity.com/files/120402
[5] http://cxsecurity.com/issue/WLB-2013020141
[6] http://secunia.com/advisories/52245/
[7] http://xforce.iss.net/xforce/xfdb/82159
[8] http://www.osvdb.org/show/osvdb/90416
[20.02.2013] - Added reference [3], [4], [5] and [6]
[21.02.2013] - Added reference [7] and [8]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2013-5128
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (2/5)
Release Date: 19.02.2013
Summary
Squirrelcart PHP Shopping Cart software is a fully customizable, robust php shopping cart, designed with the advanced developer and web novice in mind.Description
Squirrelcart suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'table' GET parameter in the 'index.php' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.Vendor
Lighthouse Development - http://www.squirrelcart.comAffected Version
2.0.0 - 3.5.4Tested On
Linux, Apache, PHP, MySQLVendor Status
[17.02.2013] Vulnerability discovered.[19.02.2013] Contact with the vendor.
[19.02.2013] Vendor responds asking more details.
[19.02.2013] Sent details to the vendor.
[19.02.2013] Vendor confirms the vulnerability.
[19.02.2013] Vendor releases version 3.5.5 to address this issue.
[19.02.2013] Coordinated public security advisory released.
PoC
squirrelcart_xss.txtCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://www.squirrelcart.com/downloads.php[2] http://www.squirrelcart.com/index.php?downloads=1&id=123
[3] http://www.securityfocus.com/bid/58025
[4] http://packetstormsecurity.com/files/120402
[5] http://cxsecurity.com/issue/WLB-2013020141
[6] http://secunia.com/advisories/52245/
[7] http://xforce.iss.net/xforce/xfdb/82159
[8] http://www.osvdb.org/show/osvdb/90416
Changelog
[19.02.2013] - Initial release[20.02.2013] - Added reference [3], [4], [5] and [6]
[21.02.2013] - Added reference [7] and [8]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk