2 matches found
CVE-2018-15562
CMS ISWEB 3.5.3 is affected by a Cross-Site Scripting (XSS) vulnerability in index.php, exploitable via the parameters ordineRis, sezioneRicerca, or oggettiRicerca. The issue allows injection of arbitrary scripts/HTML, enabling remote attackers to run client-side code. Documented exploitation was...
CMS ISWEB 3.5.3 Cross Site Scripting
CMS ISWEB 3.5.3 XSS Reflected CVE CVE-2018-15562 Parameter vuln: ordineRis, sezioneRicerca oggettiRicerca PoC Prints: https://i.imgur.com/5YpESoC.png Vendor of Product http://www.isweb.it Attack Type Remote Attack Vectors Payload:" URL:...