Quick.Cart *p* Cross-Site Scripting Vulnerability Date: Friday, January 12, 2007 @ 09:12:16 UTC Topic: Security SECUNIA ADVISORY ID: SA23738 VERIFY ADVISORY: http://secunia.com/advisories/23738/ CRITICAL: Less critical IMPACT: Cross Site Scripting SOFTWARE: Quick.Cart 2.x - http://secunia.com/product/12801/ DESCRIPTION: David Sopas has discovered a vulnerability in Quick.Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. (For more information: SA23733) The vulnerability is confirmed in version 2.0 English edition. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: David Sopas a.k.a. SmOk3 OTHER REFERENCES: SA23733: http://secunia.com/advisories/23733/ This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2641