Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2021-25790

Description

Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.

POC

Reference

- https://www.exploit-db.com/exploits/49352

Github

- https://github.com/MrCraniums/CVE-2021-25790-Multiple-Stored-XSS

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/manas3c/CVE-POC

- https://github.com/n0-traces/cve_monitor

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/whoforget/CVE-POC

- https://github.com/youwizard/CVE-POC