Advertisement






nuevoMailer v.4.00 Cross-Site Scripting Vulnerability

CVE Category Price Severity
N/A CWE-79 N/A Medium
Author Risk Exploitation Type Date
N/A Medium Remote 2017-10-17
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2017100123

Below is a copy:

nuevoMailer v.4.00 Cross-Site Scripting Vulnerability
nuevoMailer v.4.00 is vulnerable to Cross-Site Scripting (XSS):

The vulnerability exists due to failure in the "/admin/index.php" script to properly sanitize user-supplied input.
Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
The following PoC is available:

http://[host]/admin/index.php?message=[XSS]

Mail me: p4kl0nc4t[at]obsidiancyberteam.id

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum