bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/45928.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

21 lines
No EOL
972 B
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting
# Date: 2018-11-27
# Exploit Author: Luca.Chiou
# Vendor Homepage: https://www.rockwellautomation.com/
# Version: 1408-EM3A-ENT B
# Tested on: It is a proprietary devices: https://ab.rockwellautomation.com/zh/Energy-Monitoring/1408-PowerMonitor-1000
# CVE : N/A
# 1. Description:
# In Rockwell Automation Allen-Bradley PowerMonitor 1000 web page,
# user can add a new user by access the /Security/Security.shtm.
# When users add a new user, the new users account will in the post data.
# Attackers can inject malicious XSS code in users account parameter of post data.
# The users account parameter will be stored in database, so that cause a stored XSS vulnerability.
# 2. Proof of Concept:
# Browse http://<Your Modem IP>/Security/Security.shtm
# In page Security.shtm, add a new user
# Send this post data:
/Security/cgi-bin/security|0|0|<script>alert(123)</script>
Reference in a new issue View git blame Copy permalink