bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/aspx/webapps/51200.txt
Exploit-DB 3de26153c8 DB: 2023-04-02 
23 changes to exploits/shellcodes/ghdb

ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

Hughes Satellite Router HX200 v8.3.1.14 -  Remote File Inclusion

Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)

TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)

GeoVision Camera GV-ADR2701 - Authentication Bypass

AD Manager Plus 7122 - Remote Code Execution (RCE)

Enlightenment v0.25.3 - Privilege escalation

Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Apache 2.4.x - Buffer Overflow

perfSONAR v4.4.5 - Partial Blind CSRF

SugarCRM 12.2.0 - Remote Code Execution (RCE)

XCMS v1.83 - Remote Command Execution (RCE)

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)

AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

Splashtop 8.71.12001.0 - Unquoted Service Path

Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

FlipRotation v1.0 decoder - Shellcode (146 bytes)

Linux/x86 - Polymorphic linux x86 Shellcode (92 Bytes)

macOS/x64 - Execve Caesar Cipher String Null-Free Shellcode
2023-04-02 00:16:21 +00:00

19 lines
No EOL
715 B
Text
Raw Permalink Blame History

# Exploit Title: ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)
# Date: 12/09/2022
# Exploit Author: Rob, CTRL Group
# Vendor Homepage: marigroup.com
# Version: V3.3.3 and under
# Tested on: Windows IIS all versions
# CVE : CVE-2022-35543
“Stored Cross-Site Scripting” Vulnerability within the Elsi Smart Floor software. This vulnerability does require authentication however, once the payload is stored, any user visiting the portal will trigger the alert.
Login to the appplication
Browse to "Settings" tab and tehn " Wards". Create a new word with the following payload at the ward name:
<script>alert(document.cookie)</script>
Any user browsing the application will trigger the payload.
Reference in a new issue View git blame Copy permalink