Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-79 | N/A | Medium |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
N/A | Medium | Remote | 2017-10-17 |
nuevoMailer v.4.00 is vulnerable to Cross-Site Scripting (XSS): The vulnerability exists due to failure in the "/admin/index.php" script to properly sanitize user-supplied input. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. The following PoC is available: http://[host]/admin/index.php?message=[XSS] Mail me: p4kl0nc4t[at]obsidiancyberteam.id
Copyright ©2024 Exploitalert.