Computer Security

Security Advisory: GMTT Music Distro 1.2 XSS Exploit
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution

  WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007)  (NEW)

  [waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5

  ABC Excel Parser Pro v4.0 Remote File Include Exploit

From:CorryL <corrado.liotta_(at)_alice.it>
Date:25.05.2007
Subject:GMTT Music Distro 1.2 XSS Exploit

-=[--------------------ADVISORY-------------------]=-
                                             
                 GMTT Music Distro      
                                              
 Author: CorryL    [corryl80@gmail.com]   
-=[-----------------------------------------------]=-


-=[+] Application:    GMTT Music Distro
-=[+] Version:        1.2
-=[+] Vendor's URL:   http://www.gmtt.co.uk/_catalog/web_stores
-=[+] Platform:       Windows\Linux\Unix
-=[+] Bug type:       Cross-Site Script
-=[+] Exploitation:   Remote
-=[-]
-=[+] Author:           CorryL  ~ corryl80[at]gmail[dot]com ~
-=[+] Reference:       http://corryl.altervista.org/
-=[+] Irc Chan:         irc.darksin.net #x0n3-h4ck        


..::[ Descriprion ]::..

PHP Distro is designed to be an online record store,
though you could use it to sell anything. The shop features:
Paypal intergration, Admin add's product, support for cheque / postal order payments and many more.


..::[ Proof Of Concept ]::..

http://remote-server/path/showown.php?st=XSS

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru