VirtueMart Multiple Cross-Site Scripting Vulnerabilities 

SECUNIA ADVISORY ID:
SA24399

VERIFY ADVISORY:
http://secunia.com/advisories/24399/

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
>From remote

SOFTWARE:
VirtueMart 1.x
http://secunia.com/product/11832/

DESCRIPTION:
Some vulnerabilities have been reported in VirtueMart, which can be
exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to unspecified parameters within ps_cart.php and
virtuemart_parser.php is not properly sanitised before being returned
to the user. This can be exploited to execute arbitrary HTML and
script code in a user's browser session in context of an affected
site.

The vulnerabilities are reported in versions prior to 1.0.10.

SOLUTION:
Update to version 1.0.10.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?release_id=490831

DOWNLOAD
JOOMLA!

Download Joomla!

Joomla! 4.x Thai Translation Language Packs

Joomla! 3.x Thai Translation Language Packs

OUR NETWORK


CMSPlugin.com
Joomla Extensions, Joomla Templates

Joomla!® User Group Thailand
Joomla!® User Group Thailand


Marvelic Engine Co., Ltd. รับพัฒนาเว็บไซต์ด้วย Joomla! , รับอบรม Joomla , ผู้เชี่ยวชาญ จูมล่า
รับทำเว็บ Joomla, อบรบ Joomla

Ribbon