Securityvulns SECURITYVULNS:DOC:17078
May 25, 2007 - 12:00 a.m.

GMTT Music Distro 1.2 XSS Exploit

-=[--------------------ADVISORY-------------------]=-

              GMTT Music Distro      

Author: CorryL
-=[-----------------------------------------------]=-

-=[+] Application: GMTT Music Distro
-=[+] Version: 1.2
-=[+] Vendor's URL: http://www.gmtt.co.uk/_catalog/web_stores
-=[+] Platform: Windows\Linux\Unix
-=[+] Bug type: Cross-Site Scripting
-=[+] Exploitation: Remote
-=[-]
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: http://corryl.altervista.org/
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck

…::[ Description ]::…

PHP Distro is designed to be an online record store,
though you could use it to sell anything. The shop features:
PayPal integration, admin adds products, support for cheque / postal order payments, and many more.

…::[ Proof Of Concept ]::…

http://remote-server/path/showown.php?st=XSS
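
For defenders running this application, the following added example (not part of the original advisory or the vendor's code) scans web access logs for requests to showown.php whose st parameter carries HTML markup characters after repeated URL decoding. It assumes combined-format access logs; the function names, the /shop/ path and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Characters needed to break out of HTML text or a quoted attribute.
# Triage heuristic: legitimate values containing quotes will also be flagged.
MARKUP_RE = re.compile(r'[<>"\']')

# Constructed sample lines (documentation IP range, invented path and values).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/May/2007:10:00:01 +0000] '
    '"GET /shop/showown.php?st=rock HTTP/1.1" 200 5120',
    '192.0.2.44 - - [25/May/2007:10:00:07 +0000] '
    '"GET /shop/showown.php?st=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5188',
    '192.0.2.44 - - [25/May/2007:10:00:09 +0000] '
    '"GET /shop/showown.php?st=%253Cimg%2520src%253Dx%253E HTTP/1.1" 200 5170',
    '192.0.2.10 - - [25/May/2007:10:00:12 +0000] '
    '"GET /shop/index.php?st=%3Cb%3E HTTP/1.1" 200 901',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_st_values(log_lines):
    """Return (line_number, decoded st value) for flagged showown.php requests."""
    hits = []
    for lineno, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parseable request line
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith("/showown.php"):
            continue  # only the script named in the advisory
        for raw in parse_qs(url.query, keep_blank_values=True).get("st", []):
            value = fully_decode(raw)
            if MARKUP_RE.search(value):
                hits.append((lineno, value))
    return hits

if __name__ == "__main__":
    for lineno, value in suspicious_st_values(SAMPLE_LOG):
        print(f"line {lineno}: st={value!r}")
```

Hits show attempted injection, not successful exploitation; whether the value was reflected unescaped depends on how showown.php writes st into the page.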