Exploit SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21377
Проверка EDB
  1. Пройдено
Автор
PPP-DESIGN
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2002-0553
Дата публикации
2002-04-13
Код:
source: https://www.securityfocus.com/bid/4506/info

SunShop is commercial web store software. It is written in PHP, and will run on most Unix and Linux operating systems as well as Microsoft Windows.

SunShop allows attackers to embed arbitrary script code into form fields. This may enable a remote attacker to perform actions as the administrative user of the shopping cart. 

Enter the following name when registering as a new customer:

blackhat<script>alert('ouch')</script>
 
Источник
www.exploit-db.com

Похожие темы