SaLICru -SLC-20-cube3(5) suffers from an html injection vulnerability.
f084464dba8b8951813c2af00518de63a5d48fbc2195a6386b82c04516e2f1c5# Exploit Title: Reflected HTML Injection
# Google Dork: None
# Date: 16/12/2015
# Exploit Author: Ramikan
# Vendor Homepage:https://www.salicru.com/en/
# Software Link: N/A
# Version: Tested on SaLICru -SLC-20-cube3(5).
# Firmware: cs121-SNMP v4.54.82.130611
# CVE : CVE-2019-10887
# Category:Web Apps
Vulnerability: Reflected HTML Injection
Vendor Web site:
Version tested:cs121-SNMP v4.54.82.130611
Solution: N/A
Note:Default credential:admin/admin or admin/cs121-snmp
Victim need to be authenticated in order to get affected by this.
Vulnerability 1:Refelected HTML Injection
Affected URL:
/DataLog.csv?log=
/AlarmLog.csv?log=
/waitlog.cgi?name=
/chart.shtml?data=
/createlog.cgi?name=
Affected Parameter: log, name, data
Payload: <h1>HTML Injection</h1>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed