OpenCart CMS Cross Site Scripting

2012-06-23T00:00:00
ID PACKETSTORM:114093
Type packetstorm
Reporter $1l3n7 @$$@$$17
Modified 2012-06-23T00:00:00

Description

                                        
                                            ` _ _ _ _____ _____ ____ _ _ ____ _ _ _ _____  
| |/ | |___ / _ __|___ | / __ \ | | | | / __ \ | | | |/ |___ |  
/ __) | | |_ \| '_ \ / / / / _` / __) __)/ / _` / __) __) | / /  
\__ \ | |___) | | | |/ / | | (_| \__ \__ \ | (_| \__ \__ \ | / /  
( /_|_|____/|_| |_/_/ \ \__,_( ( /\ \__,_( ( /_|/_/  
|_| \____/ |_| |_| \____/ |_| |_|  
  
  
-------------------------------------------------------------------  
-------------------------------------------------------------------  
  
  
TITLE: OpenCart CMS Multiple Stored XSS  
Vendor: OpenCart CMS  
Author: $1l3n7 @$$@$$17  
Email: sil3ntb0t@gmail.com  
Download Link: http://www.opencart.com/index.php?route=download/download  
Versions: 1.5.3.1  
Tested on: Windows 7  
  
  
-------------------------------------------------------------------  
-------------------------------------------------------------------  
Description: OpenCart is an open source PHP-based online shopping cart  
system. A robust e-commerce solution for Internet merchants  
with the ability to create their own online business and  
participate in e-commerce at a minimal cost. OpenCart is  
designed feature rich, easy to use, search engine friendly  
and with a visually appealing interface.  
-------------------------------------------------------------------  
-------------------------------------------------------------------  
  
  
Multiple Persistent XSS:  
  
DEMO:  
  
1:  
  
Select Catalog Drop Down -> Attribute Menu -> Select Attribute  
  
Select Insert Button  
  
In Attribute Name Field  
  
POST DATA= "'-->><script>alert(0)</script>  
  
Similarly  
  
Select Catalog Drop Down -> Attribute Menu -> Select Attribute Groups  
  
Select Insert Button  
  
In Attribute Group Name Field  
  
POST DATA= "'-->><script>alert(0)</script>  
  
2:  
  
Select Catalog Drop Down -> Select Options  
  
Select Insert Button  
  
In Option Name Field  
POST DATA= "'-->><script>alert(0)</script>  
  
  
-------------------------------------------------------------  
  
gr33t1ngs and ShOuTZ to r007k17-w and all my friends..  
`