Absolute Shopping Cart suffers from a cross site scripting vulnerability.
dee0f5cb61f9ac40aba384ad7f5576ebc85c2d974cbf6d77668c4dd5d072eb06
#################################################################
# Exploit Title: Absolute shopping cart remote Persistent XSS vulnerability
# Date: 15th july 2010
# Author: D4rk357
#Critical:meduim
#contact:d4rk357[at]yahoo[dot]in
# Software Link:http://www.absoluteshoppingcartdemo.co.uk/
Greetz to :b0nd, Fbih2s,Beenu,rockey killer,The empty(), punter,eberly,prashant
Shoutz to : http://www.garage4hackers.com/forum.php , h4ck3r.in and all ICW members
##############################################################################
Login as Admin into the website .
GO to administration>products>Edit products or any other option .
In heading or content type <marquee><h1>XSS3d By D4rk357</h1><marquee> .
On the other hand a user using this CMS can upload a persistent XSS in this site while
submitting a article using same method.
##################################################################################
#D4rk357