CVE-2018-10097 PoC — Smartscript Solutions Domain Trader 跨站脚本漏洞

Source

https://github.com/ashangp923/CVE-2018-10097

Associated Vulnerability

Title:Smartscript Solutions Domain Trader 跨站脚本漏洞 (CVE-2018-10097)
Description:Smartscript Solutions Domain Trader是英国Smartscript Solutions公司的一套域名拍卖和域名停放软件。 Smartscript Solutions Domain Trader 2.5.3版本中存在跨站脚本漏洞。远程攻击者可通过向recoverlogin.php文件发送‘email_address’参数利用该漏洞注入任意的Web脚本或HTML。

Description

To exploit XSS injection

File Snapshot


 [4.0K]  /data/pocs/e67d40043d495eb00cfd309aece342254978e693
├── [339K]  it22327680_cve-2018-10097.pdf
├── [1.8K]  recoverlogin.php
└── [  41]  Tryahackme Room link.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!