AsaanCart version 0.9 suffers from multiple cross site scripting vulnerabilities.
d012c781e38c2ca86b6dde2c8b0f0f267153528455524c83c5b4b438d1f74cfe
HTTPCS Advisory : HTTPCS97
Product : AsaanCart
Version : 0.9
Date : 2012-09-13
Criticality level : Less Critical
Description : A vulnerability has been discovered in AsaanCart, which can be
exploited by malicious people to conduct cross-site scripting attacks. Input
passed via the 'category_name' parameter to '/category.php' is not properly
sanitised before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context of an
affected site.
Page : /category.php
Variables : category_id=6947&category_name=[VulnHTTPCS]
Type : XSS
Method : GET
Solution :
References : https://www.httpcs.com/advisory/httpcs97
Credit : HTTPCS [Web Vulnerability Scanner]