.. / CVE-2019-15501

Exploit for L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting (CVE-2019-15501)

Description:

L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter.

Nuclei Template

View the template here CVE-2019-15501.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-15501.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2019-15501
https://www.exploit-db.com/exploits/47302
https://github.com/ARPSyndicate/kenzer-templates
http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf