# TITLE ....... # Information disclosure in Quick.Cart_v5.0 ............ #
# DATE ........ # 18.03.2012 .......................................... #
# AUTOHR ...... # http://hauntit.blogspot.com ......................... #
# SOFT LINK ... # http://http://opensolution.org/ .................... #
# VERSION ..... #  ............................................... #
# TESTED ON ... # LAMP ................................................ #
# ..................................................................... #

# 1. What is this?
# 2. What is the type of vulnerability?
# 3. Where is bug :)
# 4. More...

#............................................#
# 1. What is this?
"Fast and simple shopping cart". You should try it! ;)

#............................................#
# 2. What is the type of vulnerability?
Set cookie to "http://somethi.ng" to see:
"Warning: session_start(): The session id is too long or contains illegal characters, 
valid characters are a-z, A-Z, 0-9 and '-,' in /www/Quick.Cart_v5.0/index.php on line 17 "

#............................................#
# 3. Where is bug :)


#............................................#
# 4. More...

- http://hauntit.blogspot.com
- http://www.google.com
- http://portswigger.net

#............................................#
# Best regards
#