Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting

from [iNETstore Support] Network Security [Permanent Link]
Subject: Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting
Date: Thu, 26 Jan 2006 17:51:46 +1100 
Please note this problem has been fixed and changes propagated to all
iNETstore servers world wide. Please update your records.

thank you
iNETstore Support


On Fri, 20 Jan 2006 17:33:14 +1100, "iNETstore Support"
<support@inetstore.com> said:

iNETstore E Commerce Solution - Cross Site Scripting

Vendor URL: http://www.inetstore.com/

http://vs160455.server-store.com/store/search.inetstore?searchterm=";><script>alert(document.cookie)</script>&submit=submit


Problem fixed. 

regards, iNETstore Support




------
This communication is confidential and may contain information that is the 
subject of legal privilege and/or copyright.

It should only be viewed by the intended recipient. If you have received this 
communication in error, please notify us immediately by e-mailing us at 
support@inetstore.com and then immediately destroy this communication.

Any unauthorised use of the contents of this communication is expressly 
prohibited. Our confidentiality, privilege or copyright is not waived or lost 
if you received this communication in error. You may not distribute, or carbon 
copy this email to any other party, other than with the express authority of 
the sender.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting, iNETstore Support <=
Previous by Date:  Updated mozilla-thunderbird packages fix vulnerability, security
Next by Date:  [security bulletin] SSRT061104 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update January 2006, security-alert
Previous by Thread:  Updated mozilla-thunderbird packages fix vulnerability, security
Next by Thread:  [security bulletin] SSRT061104 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update January 2006, security-alert
Indexes:  [Date] [Thread] [Top] [All Lists]