Cross-Site Scripting | Zeuscart V4

November 2, 2015 007admin Leave a comment

Posted by ITAS Team on Nov 02

#Vulnerability: Cross-Site Scripting
#Vendor: http://www.zeuscart.com
#Download link: http://zeuscart.com/download/
#Affected version: Zeuscart V4
#CVSS v3.0 Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
#Condition: The attack is performed by an “Anonymous User”
#Payload: “–><ScRipt>alert(/ITASVN/)</ScRipT>
#Fix version: N/A
#Author: Dang Quoc Thai – thai.q.dang () itas vn và ITAS Team

::PROOF OF CONCEPT::
+…

007 Software

Cross-Site Scripting | Zeuscart V4

Leave a Reply Cancel reply

Software and Security Information