mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 17:22:02 +00:00
957 B
957 B
CVE-2018-13001
Description
An XSS issue was discovered in Sandoba CP:Shop v2016.1. The vulnerability is located in the admin.php file of the ./cpshop/ module. Remote attackers are able to inject their own script codes to the client-side requested vulnerable web-application parameters. The attack vector of the vulnerability is non-persistent and the request method to inject/execute is GET with the path, search, rename, or dir parameter.
POC
Reference
- https://www.vulnerability-lab.com/get_content.php?id=2122
- https://www.vulnerability-lab.com/get_content.php?id=2122
Github
No PoCs found on GitHub currently.