**************************************************************************************** #Exploit Title: Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting #Title of the Vulnerability: Stored Cross Site Scripting #Product Name: E-Commerce-PHP #Vendor: https://github.com/kurniaramadhan/ #Vulnerable Product Link: https://github.com/kurniaramadhan/E-Commerce-PHP #Date: 2025-01-10 #Exploit Author: Maloy Roy Orko #Google Dork: "Powered by kurniaramadhan" #Category:Webapps #Tested On: Android,Mac, Firefox ## Reference: https://www.websecurityinsights.my.id/2024/12/ecommerce-php-by-kurniaramadhan-sql.html https://vuldb.com/?id.290798 ###Affected Components: /admin/create_product.php & /admin/product.php #Description: Stored Cross Site Scripting in "/admin/create_product.php & /admin/product.php" in "E-commerce PHP application By kurniaramadhan v 1.0" allows "remote" attacker "to store XSS payload as create product fields aren't protected" via "/admin/create_product.php & /admin/product.php". ###Proof of Concept: ### Demo : http://192.168.1.100:8080/admin/create_product.php http://192.168.1.100:8080/admin/product.php ###Attack Vectors: To exploit vulnerability,he has to input exploits via prodyct name change or create in new name and then he can execute malicious javascript code in the visitors browser,mainly,here XSS can be exploited then. ###Detailed Blog About The Poc: https://www.websecurityinsights.my.id/2024/12/ecommerce-php-by-kurniaramadhan-sql.html ********************************************************* #Discovered by: Maloy Roy Orko #Website: https://www.websecurityinsights.my.id/ ****************************************************************************************