8e0113decc
12 changes to exploits/shellcodes Easy CD & DVD Cover Creator 4.13 - Denial of Service (PoC) MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path Knockpy 4.1.1 - CSV Injection Wordpress Core 5.2.2 - 'post previews' XSS 4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting Mantis Bug Tracker 2.24.3 - 'access' SQL Injection Advanced Comment System 1.0 - 'ACS_path' Path Traversal sar2html 3.2.1 - 'plot' Remote Code Execution CMS Made Simple 2.2.15 - RCE (Authenticated) Subrion CMS 4.2.1 - 'avatar[path]' XSS Click2Magic 1.1.5 - Stored Cross-Site Scripting Arteco Web Client DVR/NVR - 'SessionId' Brute Force
13 lines
No EOL
494 B
Text
13 lines
No EOL
494 B
Text
# Exploit Title: Subrion CMS 4.2.1 - 'avatar[path]' XSS
|
|
# Date: 2020-12-15
|
|
# Exploit Author: icekam
|
|
# Vendor Homepage: https://subrion.org/ <https://www.icekam.com/>
|
|
# Software Link: https://github.com/intelliants/subrion
|
|
# Version: Subrion CMS 4.2.1
|
|
# CVE : CVE-2020-35437
|
|
|
|
stored xss vulnerability in /_core/profile/.
|
|
Reproduce through the avatar[path] parameter in post /_core/profile/ url.
|
|
payload:"><sCrIpT>alert(1)</sCrIpT>
|
|
|
|
https://github.com/intelliants/subrion/issues/880 |