CVE-2023-4547 PoC — SPA-Cart eCommerce CMS 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-4547.yaml

Associated Vulnerability

Title:SPA-Cart eCommerce CMS 跨站脚本漏洞 (CVE-2023-4547)
Description:SPA-Cart eCommerce CMS是SPA-Cart公司的一个CMS系统。 SPA-Cart eCommerce CMS 1.9.0.3版本存在跨站脚本漏洞，该漏洞源于文件/search的参数filter[brandid]/filter[price]会导致跨站脚本。

Description

A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.

File Snapshot


 id: CVE-2023-4547

info:
  name: SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting
  author: the

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!