Published: 21/08/2017 Updated: 06/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, admin/message.php, and admin/message_update.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpmywind phpmywind 5.3

Exploit Title：PHPMyWind 53 has XSS Exploit Author:小雨 Vendor Homepage:phpmywindcom Software Link:phpmywindcom/downloads/PHPMyWind_53zip Version:53 CVE:CVE-2017-12984 $r= $dosql->GetOne("SELECT Max(orderid) AS orderid FROM `#@__message`"); $orderid= (empty($r['orderid']) ? 1 : ($r['orderid'] + 1)); ...

Exploit Titlei1/4PHPMyWind 53 has XSSExploit Author:adege"Vendor Homepage:phpmywindcomSoftware Link:phpmywindcom/downloads/PHPMyWind_53zipVersion:53CVE:CVE-2017-12984 $r= $dosql->GetOne("SELECT Max(orderid) AS orderid FROM `#@__message`"); $orderid= (empty($r['orderid']) ? 1 : ($r['orderid'] + 1)); ...

CWE-79 http://www.yuag.org/2016/08/17/phpmywind_5-3%E5%AD%98%E5%82%A8%E5%9E%8Bxss/https://www.exploit-db.com/exploits/42535/https://nvd.nist.gov https://www.exploit-db.com/exploits/42535/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-12984

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect