漏洞描述
Redrock Software TutorTrac是Redrock Software公司的一个基于 web 的应用程序。 Redrock Software TutorTrac v4.2.170210之前版本存在安全漏洞,攻击者利用该漏洞可以通过精心设计的有效负载注入到访问列表页面的reason 和 location字段,来执行任意 Web 脚本或 HTML。
Redrock Software TutorTrac 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- Atlassian Jira Software Data Center And Server 需授权 路径遍历漏洞
- Cisco IOS XE Software 命令注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- (CVE-2025-20240) Cisco IOS XE Software Web UI反射型跨站脚本漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- White Star Software Protop /pt3upd/ 目录遍历漏洞 (CVE-2025-44177)
- POC CVE-2018-14931: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect
- POC CVE-2020-26073: Cisco SD-WAN vManage Software - Local File Inclusion
- POC CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal
- POC CVE-2020-3580: Cisco ASA/FTD Software - Cross-Site Scripting
- POC CVE-2021-37589: Virtua Software Cobranca <12R - Blind SQL Injection
- POC CVE-2022-26564: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting