CVE-2022-45436 PoC: Artica PFMS Pandora FMS Cross-Site Scripting Vulnerability

Associated Vulnerability
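Title: Artica PFMS Pandora FMS Cross-Site Scripting Vulnerability (CVE-2022-45436)
Description: Artica Pandora FMS is a monitoring system from the Spanish company Artica. It monitors networks, servers, virtual infrastructure, applications and more through a visual interface. Artica PFMS Pandora FMS v765 contains a security vulnerability that stems from improper neutralization of user input. An attacker can exploit it to steal the cookie value of an administrator user.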
Readme
# CVE-2022-45436
Reflected Cross Site Scripting leading to session hijacking in pandorafms <= Package v765 RRR.

#### > Exploit Title: Reflected Cross Site Scripting
#### > Date: 15/02/2023
#### > Exploit Author: Damodar Naik
#### > Vendor Homepage: https://pandorafms.com/en/
#### > Software Link: https://github.com/pandorafms/pandorafms
#### > Version: <= v765 RRR
#### > Tested on: Ubuntu
#### > CVE ID: CVE-2022-45436


### Steps to reproduce

1. Get the request by hitting the help button on "http://localhost:8080/pandora_console/index.php?sec=network&sec2=operation/agentes/pandora_networkmap" (as shown in the PoC).
2. Add the payload in the "b" parameter of the request.
3. Copy the URL with the payload in it, and send it to the user logged in as admin.
4. When the admin user visits the malicious link, the payload gets executed.

The XSS payload will be executed, which could be used for stealing the admin user's cookie value, etc.
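
For defenders, one way to look for this pattern in web server access logs, as an added example that is not part of the original README or the Pandora FMS code base: it flags requests under `/pandora_console/` whose `b` parameter contains HTML markup after repeated percent-decoding. The log lines are constructed, `HELP_ENDPOINT_PLACEHOLDER` stands in for the help request's path (which the page does not give), and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed access-log lines (combined log format); the endpoint name is a
# placeholder because the page does not give the help request's path.
SAMPLE_LOG = """\
10.0.0.5 - - [15/Feb/2023:10:01:02 +0000] "GET /pandora_console/index.php?sec=network&sec2=operation/agentes/pandora_networkmap HTTP/1.1" 200 5120
10.0.0.5 - - [15/Feb/2023:10:01:09 +0000] "GET /pandora_console/HELP_ENDPOINT_PLACEHOLDER?b=12345 HTTP/1.1" 200 2048
10.0.0.9 - - [15/Feb/2023:10:07:41 +0000] "GET /pandora_console/HELP_ENDPOINT_PLACEHOLDER?b=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 2101
10.0.0.9 - - [15/Feb/2023:10:08:03 +0000] "GET /pandora_console/HELP_ENDPOINT_PLACEHOLDER?b=%2522%253E%253Cimg%2520src%253Dx%253E HTTP/1.1" 200 2077
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Characters and tokens that let a reflected value break out of HTML context.
MARKUP_RE = re.compile(r'[<>"\']|javascript:|\bon\w+\s*=', re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also inspected."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_b_requests(log_text, prefix="/pandora_console/"):
    """Return (line_number, decoded_b) for requests with markup in 'b'."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.startswith(prefix):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            decoded = fully_decode(value)
            if name == "b" and MARKUP_RE.search(decoded):
                hits.append((number, decoded))
    return hits


if __name__ == "__main__":
    for number, value in suspicious_b_requests(SAMPLE_LOG):
        print(f"line {number}: b={value!r}")
```

The character set in `MARKUP_RE` is deliberately broad; if legitimate values of `b` in a given deployment contain quotes, tighten it to avoid false positives.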
File Snapshot

[4.0K] /data/pocs/4fc2efdb9e3fed2cdfba8d51927fb98534edd096
└── [ 930] README.md

0 directories, 1 file