# Exploit Title: Reflected HTML Injection # Google Dork: None # Date: 16/12/2015 # Exploit Author: Ramikan # Vendor Homepage:https://www.salicru.com/en/ # Software Link: N/A # Version: Tested on SaLICru -SLC-20-cube3(5). # Firmware: cs121-SNMP v4.54.82.130611 # CVE : CVE-2019-10887 # Category:Web Apps Vulnerability: Reflected HTML Injection Vendor Web site: Version tested:cs121-SNMP v4.54.82.130611 Solution: N/A Note:Default credential:admin/admin or admin/cs121-snmp Victim need to be authenticated in order to get affected by this. Vulnerability 1:Refelected HTML Injection Affected URL: /DataLog.csv?log= /AlarmLog.csv?log= /waitlog.cgi?name= /chart.shtml?data= /createlog.cgi?name= Affected Parameter: log, name, data Payload: