Guest Posted December 18, 2009 Posted December 18, 2009 Hi Forums Members, I need some help and guidance to help me get my cart XSS proof :'( . I ran vulnerability scanning on my store an got the following :- FILTER METACHARACTERS in the following:- advanced_search.php 15 vulnerabilities co-related to manufactures_id advanced_search_results.php 5 vulnerabilities co-related to manufactures_id index.php 5 vulnerabilities co-related to manufactures_id popup_add_image.php 1 vulnerability co-related to product_id product_info.php 5 vulnerabilities co-related to manufactures_id and 5 vulnerabilities co-related to cPath I have done some mods as per XSS contibs but still got such results. Any help. Thanks Fab
Guest Posted December 18, 2009 Posted December 18, 2009 Hi All I managed to clean all the XSS vulnerabilities with this contrib here However this issue still persists popup_add_image.php = The GET variable products_id has been set to 1//--></script><script%20%0d%0a>alert(646395961975)%3B</ScRiPt>. Any help Regs
♥FWR Media Posted December 18, 2009 Posted December 18, 2009 Hi All I managed to clean all the XSS vulnerabilities with this contrib here However this issue still persists popup_add_image.php = The GET variable products_id has been set to 1//--></script><script%20%0d%0a>alert(646395961975)%3B</ScRiPt>. Any help Regs Security pro secures the query string and these are all querystring related. if that had been installed you wouldn't have had this issue. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.