漏洞描述
i3Geo是用于开发交互式网络地图的应用程序,该程序7.0.5版本中access_token.php发现存在xss漏洞。
i3geo文件access_token.php存在XSS漏洞(CVE-2022-34093)
PoC代码
暂无相关漏洞推荐
- POCCVE-2022-32409: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
- POCCVE-2022-34093: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
- POCCVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
- POCCVE-2022-32409: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
- POCCVE-2022-34093: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
- POCCVE-2022-34094: Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting
- 无POCi3Geo codemirror.php 文件 pagina 参数文件读取漏洞(CVE-2022-32409)
- 无POCi3geo文件request_token.php存在XSS漏洞(CVE-2022-34094)
- 无POCi3geo 跨站脚本漏洞(CVE-2022-34094)