Published on April 6th, 2023 📆 | 3002 Views ⚑

Monitorr 1.7.6 Cross Site Scripting – Torchsec

# Exploit Title: Monitorr v1.7.6 - Cross Site Scripting
# CVE: CVE-2023-26776
# Exploit Author: Achuth V P (retrymp3)
# Date: February 09, 2023
# Vendor Homepage: https://github.com/Monitorr/
# Software Link: https://github.com/Monitorr/Monitorr
# Tested on: Ubuntu
# Version: v1.7.6
# Exploit Description:  Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a remote attacker to execute arbitrary code via the title parameter of the post_receiver-services.php file.Attacker can create a service configuration at /assets/php/post_receiver-services.php with the title of the service being something like;  or just 
The injected script tag is executed everytime the home page is loaded.

Source link

Tagged with: 1.7.6 • cross • monitorr • scripting • Site • torchsec

Comments are closed.

🌟 Your Account

Username/Email Password
Remember Me
Register
🔔 Email Subscriptions

Get new posts by email
- Donate Via Wallets
  MetaMask
  
  Trust Wallet
  
  Binance Wallet
  
  WalletConnect
Popular
- Red Hat Security Advisory 2024-2049-03 – Torchsec by Admin May 4, 2024 The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2049.jsonRed Hat officially shut… (9)
- Hackers Exploiting WP-Automatic Plugin Bug to Create… by Admin April 26, 2024 Apr 26, 2024NewsroomThreat Intelligence / Cyber Attack Threat actors are… (9)
- Red Hat Security Advisory 2024-2585-03 – Torchsec by Admin May 2, 2024 The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2585.jsonRed Hat officially shut… (8)
- China-Linked Hackers Suspected in ArcaneDoor… by Admin May 6, 2024 May 06, 2024NewsroomNetwork Security / Malware The recently uncovered cyber… (8)
Gloss
☕️Social Media

Torchsec

Tweets by Torch_sec
👥Members

Newest | Active | Popular
- Carmel Mary
  
  registered 19 minutes ago
- Johnie Patch
  
  registered 55 minutes ago
- Joanne Klein
  
  registered 57 minutes ago
- Stephan Stark
  
  registered 1 hour, 32 minutes ago
- Domenic Bousquet
  
  registered 1 hour, 53 minutes ago
🌍 Forum Groups

Newest | Active | Popular | Alphabetical
- Help Me !!
  
  active 19 minutes ago
- Comments & Suggestions
  
  active 19 minutes ago
- Ebooks – Papers
  
  active 19 minutes ago
- Embedded Systems, Electronics, Gadgets, and DIY
  
  active 19 minutes ago
- Gaming
  
  active 19 minutes ago
linktr.ee/obewyn

We share and comment on interesting infosec related news, tools and more. Follow us on RSS ,Facebook or Twitter for the latest updates. Torchsec is designed to help Auditors, Pentesters & Security Experts to keep their ethical hacking oriented toolbox up-to-date .
This website is made for educational and ethical testing purposes only。It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this website.

Monitorr 1.7.6 Cross Site Scripting – Torchsec

🌟 Your Account

🔔 Email Subscriptions

Get new posts by email

Donate Via Wallets

Popular

Gloss

☕️Social Media

👥Members

🌍 Forum Groups