9 lines
No EOL
487 B
Text
9 lines
No EOL
487 B
Text
source: http://www.securityfocus.com/bid/4506/info
|
|
|
|
SunShop is commercial web store software. It is written in PHP, and will run on most Unix and Linux operating systems as well as Microsoft Windows.
|
|
|
|
SunShop allows attackers to embed arbitrary script code into form fields. This may enable a remote attacker to perform actions as the administrative user of the shopping cart.
|
|
|
|
Enter the following name when registering as a new customer:
|
|
|
|
blackhat<script>alert('ouch')</script> |