exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28749
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the 'newsletters.php' admin page. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
Auth required
Prerequisites:
Access to the admin panel · Victim interaction required
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28750
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the orders_status.php file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28751
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the 'products_attributes.php' file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL parameter
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28752
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the 'products_expected.php' file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to a vulnerable osCommerce installation
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28743
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the banner_manager.php file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable osCommerce admin interface
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28744
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the banner_statistics.php file. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL parameter
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28745
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the countries.php admin page. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
Auth required
Prerequisites:
Access to the admin panel URL · Victim interaction required
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28746
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the admin/currencies.php page. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL · User interaction to trigger the XSS
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28747
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the admin/languages.php file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28748
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the manufacturers.php file. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 80%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable osCommerce admin interface
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28753
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the reviews.php admin page. It includes a sample URL demonstrating how an attacker could inject arbitrary script code via the 'page' parameter.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
Auth required
Prerequisites:
Access to the admin panel or ability to trick an admin into clicking a malicious link
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28754
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the admin/specials.php page. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable osCommerce admin/specials.php page
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28755
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the stats_products_purchased.php file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28756
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the stats_products_viewed.php file. It includes a sample URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable URL
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28757
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the tax_classes.php file. It includes a proof-of-concept URL demonstrating how an attacker could inject arbitrary script code.
Classification
Writeup 90%
Target:
osCommerce
No auth needed
Prerequisites:
Access to the vulnerable osCommerce installation
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28758
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the tax_rates.php admin page. It includes a sample URL demonstrating how an attacker could inject arbitrary script code via the 'page' parameter.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
Auth required
Prerequisites:
Access to the admin panel or ability to trick an admin into clicking a malicious link
exploitdb
WRITEUP
VERIFIED
by Lostmon · textwebappsphp
https://www.exploit-db.com/exploits/28759
The provided text describes a cross-site scripting (XSS) vulnerability in osCommerce, specifically in the zones.php admin page. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Target:
osCommerce (version not specified)
Auth required
Prerequisites:
Access to the admin panel · Victim interaction required