Advertisement






PHP Scripts Mall website-seller Script 2.0.5 Reflected XSS.

CVE Category Price Severity
CWE-79 Not specified High
Author Risk Exploitation Type Date
Not specified High Remote 2020-03-14
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020030067

Below is a copy:

PHP Scripts Mall website-seller Script 2.0.5 Reflected XSS.
###################################################################################### 
# Exploit Title: PHP Scripts Mall website-seller Script 2.0.5 Stored and Reflected XSS. 
# Date: 27.12.2018 
# Exploit Author: Sukanta Beniya 
# Vendor Homepage: https://www.phpscriptsmall.com/ 
# Software Link: https://www.phpscriptsmall.com/product/website-seller-script/
# Category: Web Application 
# Version: 2.0.5
# Tested on: Windows 10
# Web: https://suku90.wordpress.com

####################################################################################### 

*Proof of Concept*

For Reflected XSS:
...................
1. First Goto XSS vulnerable Website "http://www.officialwebsiteforsale.com/"
2. Goto Search field  
3. Edit search field with XSS script "<script>alert("SUKANTA")</script>" 
4. Than Hit Enter
5. You, Will, See The XSS popup "SUKANTA"

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum