CVE-2022-47003 PoC — Mura CMS 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-47003.yaml

Associated Vulnerability

Title:Mura CMS 安全漏洞 (CVE-2022-47003)
Description:Mura CMS是Mura公司的一个基于云、API 驱动的企业内容管理解决方案。用于更快、更轻松地构建 web 和移动体验。 Mura CMS v10.0.580之前的版本存在安全漏洞，该漏洞源于其Remember Me功能允许攻击者通过精心制作的web请求绕过身份验证。

Description

Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An attacker can bypass authentication via a crafted web request and thereby obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.

File Snapshot


 id: CVE-2022-47003

info:
  name: Mura CMS <10.0.580 - Authentication Bypass
  author: iamnoooob,roo

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!