CVE-2026-7371 POC (Proof-of-Concept)

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. Reflected XXS via the error message for requesting non-existing page.

Published: 2026-05-04

CVSS: 7.4

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Download CVE-2026-7371 POC (Proof-of-Concept) here:

http://zeroday6mns52t72y3rsle7f72wca5uwn2xzktdysf72flozx7sv4mqd.onion/exploit-for-cve-2026-7371.724/

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

https://hokyo.gr/poc-387-cve-2026-7412/

https://hokyo.gr/poc-836-cve-2026-8076/

https://hokyo.gr/poc-617-cve-2026-7991/

https://hokyo.gr/poc-336-cve-2023-54342/