CVE-2007-2547

EIP tracks 1 public exploit for CVE-2007-2547. PoCs published by John Martinelli.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in TurnkeyWebTools SunShop Shopping Cart v4 by injecting malicious JavaScript into the 'l' parameter. The PoC uses a form submission to trigger the XSS payload, which executes an alert dialog.

Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter.