← Advisories

Squirrelcart v3.5.4 (table) Remote Cross-Site Scripting Vulnerability

Low
Advisory ID
ZSL-2013-5128
Release Date
19 February 2013
Vendor
Lighthouse Development - http://www.squirrelcart.com
Affected Version
2.0.0 - 3.5.4
CVE
N/A
Tested On
Linux, Apache, PHP, MySQL
Summary

Squirrelcart PHP Shopping Cart software is a fully customizable, robust php shopping cart, designed with the advanced developer and web novice in mind.

Description

Squirrelcart suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'table' GET parameter in the 'index.php' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

Proof of Concept
squirrelcart_xss.txtTXT
Disclosure Timeline
17.02.2013Vulnerability discovered.
19.02.2013Contact with the vendor.
19.02.2013Vendor responds asking more details.
19.02.2013Sent details to the vendor.
19.02.2013Vendor confirms the vulnerability.
19.02.2013Vendor releases version 3.5.5 to address this issue.
19.02.2013Coordinated public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://www.squirrelcart.com/downloads.php
[2]http://www.squirrelcart.com/index.php?downloads=1&id=123
[3]http://www.securityfocus.com/bid/58025
[4]http://packetstormsecurity.com/files/120402
[5]http://cxsecurity.com/issue/WLB-2013020141
[6]http://secunia.com/advisories/52245/
[7]http://xforce.iss.net/xforce/xfdb/82159
[8]http://www.osvdb.org/show/osvdb/90416
Changelog
19.02.2013Initial release
20.02.2013Added reference [3], [4], [5] and [6]
21.02.2013Added reference [7] and [8]