bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/32567.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

11 lines
No EOL
792 B
Text
Raw Blame History

source: https://www.securityfocus.com/bid/32117/info
DHCart is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
DHCart 3.84 is vulnerable; other versions may also be affected.
http://www.example.com/order.php?dhaction=check&submit_domain=Register&domain=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&ext1=on
http://www.example.com/order.php?dhaction=add&d1=lalalalasss%22%3E%3Cscript%3Ealert(1)%3C/script%3E&x1=.com&r1=0&h1=1&addtocart1=on&n=3
Reference in a new issue View git blame Copy permalink