AmazCart Laravel Ecommerce System CMS 3.4 Cross Site Scripting

2023.01.24
Credit: Sajibe Kanti
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: AmazCart - Laravel Ecommerce System CMS 3.4 - 'Search' Cross-Site-Scripting - Reflected (AJAX)
# Date: 17/01/2023
# Exploit Author: Sajibe Kanti
# CVE ID:
# Vendor Name: CodeThemes
# Vendor Homepage: https://spondonit.com/
# Software Link: https://codecanyon.net/item/amazcart-laravel-ecommerce-system-cms/34962179
# Version: 3.4
# Tested on: Live Demo
# Demo Link: https://amazy.rishfa.com/

# Description #

AmazCart - Laravel Ecommerce System CMS 3.4 is vulnerable to reflected cross-site scripting because of insufficient sanitization of user-supplied data. Anyone can submit a reflected XSS payload, without logging in, when searching for a new product in the search bar. This makes the application reflect our payload in the frontend search bar, and it is fired every time the search history is viewed.

# Proof of Concept (PoC) : Exploit #

1) Go to: https://amazy.rishfa.com/
2) Enter the following payload in the 'Search Item' box: "><script>alert(1)</script>
3) A popup appears showing alert 1
4) The reflected XSS payload is fired

# Image PoC : Reference Image #

1) Payload Fired: https://prnt.sc/QQaiZB3tFMVB
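
The fix for this class of bug is to encode the search term for the HTML context it is reflected into. The following is an added example, not AmazCart code and not from the advisory author: it assumes the search term is echoed into a quoted `value` attribute and a results heading, and the function names and markup are hypothetical.

```javascript
// Added example (not AmazCart code). Assumption: the AJAX search response
// echoes the term into <input value="..."> and into a results heading.

// Constructed sample input: the payload quoted in the advisory.
const payload = '"><script>alert(1)</script>';

// Vulnerable pattern: the term is concatenated into markup unencoded, so the
// leading "> closes the value attribute and the tag, and the rest is parsed
// as new markup.
function renderSearchUnsafe(term) {
  return '<input name="keyword" value="' + term + '">' +
         '<h4>Results for ' + term + '</h4>';
}

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the characters that are significant in HTML text nodes and in
// quoted attribute values. Laravel's Blade {{ }} output does the same job
// server-side; {!! !!} does not.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: the same template, with the term encoded before use.
function renderSearchSafe(term) {
  const safe = escapeHtml(term);
  return '<input name="keyword" value="' + safe + '">' +
         '<h4>Results for ' + safe + '</h4>';
}

// Regression check usable in a test suite: does the markup contain an
// unencoded <script tag?
function hasScriptTag(markup) {
  return /<script\b/i.test(markup);
}

console.log('unsafe:', renderSearchUnsafe(payload));
console.log('safe:  ', renderSearchSafe(payload));
```

When the markup is built in the browser, assigning the term through `textContent` or `input.value` instead of `innerHTML` avoids HTML parsing of the term altogether.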

