cve/CVE-2017-7391.md at bfbdb15d530107ed63bf22a2f414213ca05fd0ff

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

Description

A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

POC

Reference

https://github.com/dweeves/magmi-git/issues/522

Github

https://github.com/ARPSyndicate/kenzer-templates
https://github.com/Elsfa7-110/kenzer-templates
https://github.com/d4n-sec/d4n-sec.github.io
https://github.com/gnarkill78/CSA_S2_2024
https://github.com/merlinepedra/nuclei-templates
https://github.com/merlinepedra25/nuclei-templates
https://github.com/sobinge/nuclei-templates

1.1 KiB Raw Blame History

CVE-2017-7391

Description

POC

Reference

Github

1.1 KiB

Raw Blame History