Search for hundreds of thousands of exploits

"LanSweeper 6.0.100.75 - Cross-Site Scripting"

Author

Exploit author

"Miguel Mendez Z"

Platform

Exploit platform

aspx

Release date

Exploit published date

2017-11-16

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LanSweeper - Cross Site Scripting and HTMLi

Title: Vulnerability in LanSweeper
Date: 16-11-2017
Status: Vendor contacted, patch available
Author: Miguel Mendez Z
Vendor Homepage: http://www.lansweeper.com
Version: 6.0.100.75
CVE: CVE-2017-16841

Vulnerability description -------------------------

LanSweeper 6.0.100.75 has XSS via the description parameter to "/Calendar/CalendarActions.aspx".
Take control of the browser using the xss shell or perform malware attacks on users.

Vulnerable variable:
--------------------

"http://victim.com/Calendar/CalendarActions.aspx?action=scheduleinfo&id=2&__VIEWSTATE=&title=Test+Lansweeper&description=XSS/HTMLI&type=1&startdate=13/10/2017&txtStart=19:30&enddate=13/10/2017&txtEnd=21:30&reminder=15&repeattype=1&amount=1&repeatby=0&monthday=1&monthweekday=1&monthweekdayday=1&ends=1&occurrences=15&repeatenddate=&agents={"14":{"id":14,"editAllowed":true}}&teams=&delete=false"

"http://victim.com/Scanning/report.aspx?det=web50accessdeniederrors&title=XSS/HTMLI"

"http://victim.com/Software/report.aspx?det=XSS/HTMLI&title=Linux Software"


Poc:
----
https://www.youtube.com/watch?v=u213EqTSsXQ
Release DateTitleTypePlatformAuthor
2020-03-16"Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)"webappsasp"Miguel Mendez Z"
2019-05-07"Easy Chat Server 3.1 - 'message' Denial of Service (PoC)"doswindows"Miguel Mendez Z"
2018-10-04"NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) (ASLR Bypass)"localwindows_x86"Miguel Mendez Z"
2018-07-16"VelotiSmart WiFi B-380 Camera - Directory Traversal"webappshardware"Miguel Mendez Z"
2018-01-30"LabF nfsAxe 3.7 TFTP Client - Local Buffer Overflow"doswindows"Miguel Mendez Z"
2017-11-29"Dup Scout Enterprise 10.0.18 - 'Input Directory' Local Buffer Overflow (SEH)"remotewindows"Miguel Mendez Z"
2017-11-16"LanSweeper 6.0.100.75 - Cross-Site Scripting"webappsaspx"Miguel Mendez Z"
2017-06-20"BOA Web Server 0.94.14rc21 - Arbitrary File Access"webappslinux"Miguel Mendez Z"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/43149/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.