Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2022-34093

Published: 14/07/2022 Updated: 18/10/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to I3geo

Vulnerability Summary

Portal do Software Publico Brasileiro i3geo v7.0.5 exists to contain a cross-site scripting (XSS) vulnerability via access_token.php.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

softwarepublico i3geo 7.0.5

Github Repositories

https://github.com/wagnerdracha/ProofOfConcept

Este repositório é destinado a publicação de POC encontradas.

ProofOfConcept Este repositório é destinado a publicação de POC encontradas #POCs CVE-2022-32409 - i3geo - LFI (Local File Inclusion) - codemirrorphp CVE-2022-34092 - i3geo - XSS (Cross Site Scripting) or HTML Injection - svg2imgphp CVE-2022-34093 - i3geo - XSS (Cross Site Scripting) or HTML Injection - access_tokenphp CVE-2022

References

CWE-79https://github.com/saladesituacao/i3geo/issues/4https://github.com/edmarmoretti/i3geo/issues/4https://owasp.org/www-community/attacks/xss/https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L44https://softwarepublico.gov.br/social/i3geohttps://nvd.nist.govhttps://github.com/wagnerdracha/ProofOfConcept
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook