XSS vulnerability exists in phpwind

phpwind has XSS vulnerability in default template
Tested through the demo site on the official website and found that the latest version is the same
url:http://demo.phpmywind.com/
Vulnerable URL:http://demo.phpmywind.com//goodsshow.php?cid=12&tid=10&id=1
Start the packet capture test:
XSS vulnerability exists in phpwind
Click to buy now

POST:
POST /shoppingcart.php?a=addshopingcart HTTP/1.1
Host: demo.phpmywind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0
Accept: text/html, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 71
Origin: http://demo.phpmywind.com
Connection: keep-alive
Referer: http://demo.phpmywind.com/goodsshow.php?cid=12&tid=10&id=1

typeid=10&goodsid=1&buynum=1&attrid_1=%E9%BB%91%E8%89%B2&attrid_2=WCDMA

Modify the JavaScript statement of the parameter attrid_1
Successfully triggered
XSS vulnerability exists in phpwind

 

关于渗透测试入门到进阶教学
后期的系列课程、问答以及工具、思路分享将会在星球发布
切换注册

登录

忘记密码 ?

切换登录

注册