Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | This script exploits a stored XSS vulnerability (CVE-2024-42009) in Roundcube Webmail version 1.6.7. It injects a malicious payload into the webmail system, which, when triggered, exfiltrates email content from the victim’s inbox. | https://github.com/0xbassiouny1337/CVE-2024-42009 | POC Details |
| 2 | This Proof of Concept (PoC) demonstrates an exploit for CVE-2024-42009, leveraging a cross-site scripting (XSS) vulnerability to extract emails from a target webmail application. The attack injects a malicious payload that exfiltrates email content to an attacker-controlled listener. | https://github.com/Bhanunamikaze/CVE-2024-42009 | POC Details |
| 3 | CVE-2024-42009 Proof of Concept | https://github.com/DaniTheHack3r/CVE-2024-42009-PoC | POC Details |
| 4 | None | https://github.com/Shubhankargupta691/CVE-2024-42009 | POC Details |
| 5 | A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-42009.yaml | POC Details |
No public POC found.
Login to generate AI POCNo comments yet