The provided text describes a cross-site scripting (XSS) vulnerability in Ez Cart, where user-supplied input is not properly sanitized. An attacker can exploit this by injecting arbitrary script code via the 'sid' parameter in the URL.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Ez Cart (version not specified)
No auth needed
Prerequisites:Access to the vulnerable web application