CVE-2022-3546 PoC — Simple Cold Storage Management System 跨站脚本漏洞

Source

https://github.com/thehackingverse/CVE-2022-3546

Associated Vulnerability

Title:Simple Cold Storage Management System 跨站脚本漏洞 (CVE-2022-3546)
Description:Simple Cold Storage Management System是Carlo Montero个人开发者的一个简易冷库管理系统。 Simple Cold Storage Management System 1.0版本存在安全漏洞，该漏洞源于/csms/admin/?page=user/list文件的一些未知功能受到影响，对参数First Name/Last Name的操作可能会导致跨站脚本攻击。

Readme

# CVE-2022-3546
# https://www.cve.org/CVERecord?id=CVE-2022-3546 
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability.

File Snapshot


 [4.0K]  /data/pocs/3bf5293d1691e06d757296b4dd6dccf67007786c
├── [ 974]  Poc
└── [ 559]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!