Jump to content

Montiorr 1.7.6m - Persistent Cross-Site Scripting

This CHT

Recommended Posts

  • Group:  The leader of the
  • Content Count:  4,798
  • Achievement Points:  31,700
  • With Us For:  233 Days
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

# Exploit Title: Montiorr 1.7.6m - Persistent Cross-Site Scripting
# Date: 25/4/2021
# Exploit Author: Ahmad Shakla
# Software Link: https://github.com/Monitorr/Monitorr
# Tested on: Kali GNU/Linux 2020.2
# Detailed Bug Description : https://arabcyberclub.blogspot.com/2021/04/monitor-176m-file-upload-to-xss.html

An attacker can preform an XSS attack via image upload

Steps :

1)Create a payload with the following format : 
><img src=x onerror=alert("XSS")>.png

2) Install the database by going to the following link :

3)Register for a new account on the server by going to the following link :

4)Login with your credentials on the following link :

5)Go to the following link and upload the payload :
Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...