19 lines
857 B
Text
Executable file
19 lines
857 B
Text
Executable file
?# Exploit Title: Multiple Persistent Cross Site Scripting Vulnerabilities
|
|
in PHP Stock Management System 1.02
|
|
# Date: 25 Aug 2014
|
|
# Exploit Author: ?Ragha Deepthi K R
|
|
# Vendor Homepage: ?http://www.posnic.com/?
|
|
# Software Link:? http://sourceforge.net/projects/stockmanagement/
|
|
# Version: ?1.02
|
|
# Tested on: Windows 7
|
|
|
|
#################################################
|
|
?PHP Stock Management System 1.02? is vulnerable for ?multiple Persistent
|
|
Cross Site Scripting Vulnerabilit?ies.
|
|
The vulnerability affects 'sname'(Store Name Field), 'address'(Address
|
|
Field), 'place'(Place Field), 'city'(City Field), pin(Pin Field),
|
|
website(Website Field), email(Email Field) parameter?s? while updating the
|
|
?store details in 'update_details.php' and when seen in 'view_report.php'
|
|
|
|
#################################################
|
|
Greetz :? Syam !?
|