EXPLOITDB-EDB-35756

EXPLOITDB text VERIFIED WORKING POC

Exploit for EIP-2026-110315 - openQRM 4.8 - 'source_tab' Cross-Site Scripting

AI Analysis

The exploit demonstrates a reflected XSS vulnerability in openQRM 4.8 by injecting a script tag into the 'source_tab' parameter of the zfs-storage-action.php endpoint. The payload executes arbitrary JavaScript in the context of the affected site.

Attack Type

XSS

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1059.007 - JavaScript

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/35756

Authors

AutoSec Tools

Vulnerability

EIP-2026-110315

openQRM 4.8 - 'source_tab' Cross-Site Scripting