{"id": "1337DAY-ID-14801", "lastseen": "2018-04-01T18:16:25", "viewCount": 8, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2018-04-01T18:16:25", "rev": 2}, "dependencies": {"references": [], "modified": "2018-04-01T18:16:25", "rev": 2}, "vulnersScore": 0.1}, "type": "zdt", "sourceHref": "https://0day.today/exploit/14801", "description": "Exploit for php platform in category web applications", "title": "XT:Commerce <= 3.04 SP2.1 XSS Vulnerability", "cvelist": [], "sourceData": "===========================================\r\nXT:Commerce <= 3.04 SP2.1 XSS Vulnerability\r\n===========================================\r\n\r\n# Affected Software .: XT:Commerce < 3.04 SP2.1\r\n# Venedor ...........: http://www.xt-commerce.de\r\n# Class .............: XSS\r\n# Author ............: Philipp Niedziela\r\n# Original advisory .: http://pn-it.com/blog/wp-content/uploads/2010/11/ad01.txt\r\n# Contact ...........: pn[-at-]pn-it.com\r\n# Date ..............: 2010-11-11\r\n# Tested on: ........: Ubuntu 10.04 / Apache\r\n \r\nXT:Commerce is prone to a (permanent) XSS.\r\n \r\nPoC:\r\nAn attacker needs to create an account, inject javascript into field \"street\"\r\n(e.g. \"><script>alert(document.cookie)</script>) and place an order.\r\nWhen the administrator opens the order in the backend of the shop, the\r\njavascript will be executed.\r\nBy getting the cookie of the admin, the attacker gets the session-id\r\nand user-id. If binding session and ip is _not_ enabled, the attacker will\r\nbe able to take over the admin-session.\r\n \r\n \r\nSolution:\r\nEnable binding session to IP in the backend of your shop\r\n\r\n\n\n# 0day.today [2018-04-01] #", "published": "2010-11-12T00:00:00", "references": [], "reporter": "Philipp Niedziela", "modified": "2010-11-12T00:00:00", "href": "https://0day.today/exploit/description/14801"}

{}