Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting | Gerki

Exploiter

Хакер

21 Дек 2022

EDB-ID: 24261

Проверка EDB

Пройдено

Автор: THOMAS RYAN

Тип уязвимости: WEBAPPS

Платформа: ASP

CVE: cve-2004-0681

Дата публикации: 2004-07-07

Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting

Код:

source: https://www.securityfocus.com/bid/10674/info
 
Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.
 
Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.

http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>

Источник: www.exploit-db.com

Поиск

Exploit Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting

Exploiter

Похожие темы