CVE-2023-30212: OURPHP 跨站脚本漏洞

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2023-30212 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

OURPHP 跨站脚本漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

OURPHP是OURPHP开源的一个开源、跨平台、企业级+电商+小程序+APP多终端同步的CMS建站系统。 OURPHP 7.2.0版本及之前版本存在安全漏洞，该漏洞源于通过文件ourphp_out.php发现包含跨站脚本（XSS）漏洞。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
-	n/a	n/a	-

二、漏洞 CVE-2023-30212 的公开POC

#	POC 描述	源链接	神龙链接
1	None	https://github.com/kuttappu123/CVE-2023-30212-LAB	POC详情
2	This repository provides a Docker container for simulating the CVE-2023-30212 vulnerability, allowing you to practice and understand its impact. It includes a comprehensive guide to help you set up the container on your own computer. The documentation for the Docker creation process is also included.	https://github.com/Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE	POC详情
3	GitHub repository with Dockerfile and files to create a vulnerable environment for CVE-2023-30212, enabling exploration of the exploitability of this security vulnerability. Ideal for research and security enthusiasts to study and understand the impact of the vulnerability in a controlled setting.	https://github.com/mallutrojan/CVE-2023-30212-Lab	POC详情
4	None	https://github.com/Anandhu990/CVE-2023-30212_lab	POC详情
5	Docker environment and exploit the CVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0 .This vulnerability allows for Cross-Site Scripting (XSS) attacks	https://github.com/libas7994/CVE-2023-30212	POC详情
6	Docker environment and exploit the CVE-2023-30212 vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks	https://github.com/libasmon/Vulnerable-Docker-Environment-CVE-2023-30212	POC详情
7	Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks	https://github.com/libasmon/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212	POC详情
8	Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks	https://github.com/libasmon/Exploite-CVE-2023-30212-Vulnerability	POC详情
9	Vulnerable Docker Environment CVE-2023-30212	https://github.com/libas7994/Exploit-the-CVE-2023-30212-vulnerability	POC详情
10	Exploit-the-CVE-2023-30212-vulnerability	https://github.com/libasv/Exploite-CVE-2023-30212-vulnerability	POC详情
11	None	https://github.com/kai-iszz/CVE-2023-30212	POC详情
12	None	https://github.com/MaThEw-ViNcEnT/CVE-2023-30212-OURPHP-Vulnerability	POC详情
13	None	https://github.com/arunsnap/CVE-2023-30212-POC	POC详情
14	None	https://github.com/VisDev23/Vulnerable-Docker-CVE-2023-30212	POC详情
15	This contains the necessary files and Docker to replicate A vulnerability in OURPHP that has a XSS Vulnerability (CVE-2023-30212)	https://github.com/VisDev23/Vulnerable-Docker--CVE-2023-30212-	POC详情
16	None	https://github.com/AAsh035/CVE-2023-30212	POC详情
17	None	https://github.com/JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-	POC详情
18	OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-30212.yaml	POC详情
19	PoC for CVE-2023-30212 using Docker	https://github.com/sungmin20/cve-2023-30212	POC详情
20	None	https://github.com/imathewvincent/CVE-2023-30212-OURPHP-Vulnerability	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2023-30212 的情报信息

Please 登录 to view more intelligence information

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2023-30212

暂无评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2023-30212 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-30212 的公开POC

三、漏洞 CVE-2023-30212 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2023-30212

发表评论

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

一、 漏洞 CVE-2023-30212 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-30212 的公开POC

三、漏洞 CVE-2023-30212 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2023-30212

发表评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2023-30212 基础信息