News Document Title:
====================
TRUSTe Seal Website - SQL Injection Vulnerability [FIXED!] 


Release Date:
=============
2011-07-08


Laboratory Article:
===================
A critical SQL Injection vulnerability on the TRUSTe Seal Website Service has been fixed/patched by the developers. 
Truste is a famous online privacy seals and services provider. The bug allows remote attackers to inject/ execute own sql commands/statements.
The vulnerability was located on the ?sealid= of the click2verify trusted URL service.

Vendor: 
              			                      [+] TRUSTe (truste.com)

Vulnerable Module(s):
              			                      [+] SealID

Author:	
              			                      [+] Chokri B.A. (http://www.vulnerability-lab.com/show.php?user=Chokri%20-%20B.A)