This advisory details multiple persistent XSS vulnerabilities in VamCart v0.9 CMS, affecting modules like Manage Accounts, Manage Coupons, and Order Comments. The vulnerabilities stem from insufficient input validation in parameters such as 'Title', 'Name', 'Coupon Code', and 'Comments Text'.
Classification
Writeup 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:VamCart v0.9 CMS
Auth required
Prerequisites:Low-privileged user account · Access to vulnerable modules