Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-4112 PoC — Shuttle Booking Software 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-4112.yaml
Associated Vulnerability
Title:Shuttle Booking Software 跨站脚本漏洞 (CVE-2023-4112)
Description:Shuttle Booking Software是PHP Jabbers开源的一个班车预订软件。 PHP Jabbers Shuttle Booking Software 1.0版本存在跨站脚本漏洞,该漏洞源于文件/index.php存在问题,会导致跨站脚本。
Description
The attacker can send to victim a link containing a malicious URL in an email or instant message can perform a wide variety of actions, such as stealing the victim's session token or login credentials.
File Snapshot

 id: CVE-2023-4112

info:
  name: PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting
  au

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.