https://www.exploit-db.com/exploits/25765
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200506-023

QualiteamX-Cart4.0.8版本中存在多个跨站脚本攻击(XSS)漏洞，远程攻击者可通过：(1)提交到home.php的cat参数(2)printable参数，(3)到product.php的productid参数(4)mode参数，(5)到error_message.php的id参数，(6)到help.php的section参数，(7)到orders.php的mode参数，(8)到register.php的mode参数，(9)到search.php的mode参数，或(10)到giftcert.php的gcid参数，或(11)gcindex参数，执行Web脚本或HTML。

source: http://www.securityfocus.com/bid/13817/info
      
X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
      
These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker may also steal cookie-based authentication credentials and carry out other attacks.
      
X-Cart 4.0.8 is reportedly vulnerable. Other versions may be affected as well.

http://www.example.com/search.php?mode='><script>alert(document.cookie)</script>

来源:XF
名称:xcart-multiple-scripts-xss(20774)
链接:http://xforce.iss.net/xforce/xfdb/20774
来源:BID
名称:13817
链接:http://www.securityfocus.com/bid/13817
来源:SECTRACK
名称:1014077
链接:http://securitytracker.com/id?1014077
来源:SECUNIA
名称:15555
链接:http://secunia.com/advisories/15555
来源:BUGTRAQ
名称:20050530Multiplevulnerabilitiesinx-cartGold
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111748583101076&w;=2