3 matches found
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...
CVE-2024-28741
CVE-2024-28741 affects NorthStar C2 v1 by EnginDemirbilek. It is a stored XSS in login.php that allows an unauthenticated remote attacker to execute arbitrary code on NorthStar C2 agents via crafted agent registrations and the logs page. Public PoCs and exploits exist (GitHub PoC, Metasploit modu...