尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| - | n/a | n/a | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | This script exploits a stored XSS vulnerability (CVE-2024-42009) in Roundcube Webmail version 1.6.7. It injects a malicious payload into the webmail system, which, when triggered, exfiltrates email content from the victim’s inbox. | https://github.com/0xbassiouny1337/CVE-2024-42009 | POC详情 |
| 2 | This Proof of Concept (PoC) demonstrates an exploit for CVE-2024-42009, leveraging a cross-site scripting (XSS) vulnerability to extract emails from a target webmail application. The attack injects a malicious payload that exfiltrates email content to an attacker-controlled listener. | https://github.com/Bhanunamikaze/CVE-2024-42009 | POC详情 |
| 3 | CVE-2024-42009 Proof of Concept | https://github.com/DaniTheHack3r/CVE-2024-42009-PoC | POC详情 |
| 4 | None | https://github.com/Shubhankargupta691/CVE-2024-42009 | POC详情 |
| 5 | A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-42009.yaml | POC详情 |
未找到公开 POC。
登录以生成 AI POC暂无评论