admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 11:27:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/CMS漏洞/BloofoxCMS 0.5.2.1 存储型XSS.md
Threekiii 6a975abfe6 update
2024-12-18 10:47:51 +08:00

437 B
Raw Blame History

BloofoxCMS 0.5.2.1 存储型XSS

漏洞描述

参考链接:

漏洞影响

BloofoxCMS 0.5.1.0 -.5.2.1

网络测绘

app="BloofoxCMS"

漏洞复现

漏洞文件:

/admin/include/inc_content_articles.php

登录有效的账号在添加文章的时候插入Payload发布每次访问均可触发

<img src=# onerror=alert('xss')>