Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Cross site Request Forgery Vurl


Recommended Posts

Hello I did a quick scan of my osCommerce site with w3af to see if there were any security holes or vurls. When the scan completed it found a cross site request forgery vurl in the index.php and the advanced_search_result.php scripts. As you all know this is not good and I thought I would bring it to the developers and communities attention.


Thanks! :)

Link to comment
Share on other sites



You would have to look at those files and determine what the vulnerable code is and then fix it. Without seeing the code, we can't help








I am in the process of doing that now I will update you when I find the vulnerable part of the code.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...