CVE-2017-17059 PoC — WordPress amtyThumb amty-thumb-recent-post插件跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-17059.yaml

Associated Vulnerability

Title:WordPress amtyThumb amty-thumb-recent-post插件跨站脚本漏洞 (CVE-2017-17059)
Description:WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台，该平台支持在PHP和MySQL的服务器上架设个人博客网站。amtyThumb amty-thumb-recent-post（又名amtyThumb posts or wp-thumb-post）plugin是使用在其中的一个图像提取插件。 WordPress amtyThumb amty-thumb-recent-post插件8.1.3版本中存在跨站脚本漏洞，该漏洞源于程序没有充分的过滤用户提交的数据。远程攻击者可通过向a

Description

WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php.

File Snapshot


 id: CVE-2017-17059

info:
  name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
  author: d

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!