Exploit for Agent Tesla Botnet Cross Site Scripting

Name: Exploit for Agent Tesla Botnet Cross Site Scripting
Rating: 5 (809 reviews)

2020-10-30 | CVSS -0.3

## https://sploitus.com/exploit?id=PACKETSTORM:159773
################################  
# Exploit Title: Agent Tesla Botnet - Cross Site Scripting Vulnerability  
# Google Dork: n/a  
# Date: 29/10/2020  
# Exploit Author: n4pst3r  
# Vendor Homepage: unkn0wn  
# Software Link: http://www.agenttesla.com/ ¡ Down !  
# Version: unkn0wn  
# Tested on: Windows 10, debian 7  
# CVE : n/a  
################################  
# Vuln-Code: http://127.0.0.1/WebPanel/pages/get-log.php  
/get-screens.php  
/get-webcams.php  
  
<?php echo $_GET['title']; ?>  
  
################################  
PoC:  
  
http://127.0.0.1/WebPanel/pages/get-log.php?title=[XSS]  
/get-screens.php?title=[XSS]  
/get-webcams.php?title=[XSS]