mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
739 B
739 B
CVE-2018-18381
Description
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
POC
Reference
- https://github.com/seedis/Z-BlogPHP/blob/master/Z-BlogPHP_stored_xss.md
- https://github.com/seedis/Z-BlogPHP/blob/master/Z-BlogPHP_stored_xss.md
Github
No PoCs found on GitHub currently.