漏洞描述
Redrock Software TutorTrac是Redrock Software公司的一个基于 web 的应用程序。 Redrock Software TutorTrac v4.2.170210之前版本存在安全漏洞,攻击者利用该漏洞可以通过精心设计的有效负载注入到访问列表页面的reason 和 location字段,来执行任意 Web 脚本或 HTML。
Redrock Software TutorTrac 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- White Star Software Protop /pt3upd/ 目录遍历漏洞 (CVE-2025-44177)
- POC CVE-2018-14931: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect
- POC CVE-2020-26073: Cisco SD-WAN vManage Software - Local File Inclusion
- POC CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal
- POC CVE-2020-3580: Cisco ASA/FTD Software - Cross-Site Scripting
- POC CVE-2021-37589: Virtua Software Cobranca <12R - Blind SQL Injection
- POC CVE-2022-26564: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting
- POC CVE-2022-26833: Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
- POC CVE-2022-32409: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
- POC CVE-2022-34093: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting