Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-7981 PoC — SPIP 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2016/CVE-2016-7981.yaml
Associated Vulnerability
Title:SPIP 跨站脚本漏洞 (CVE-2016-7981)
Description:SPIP是一套免费的基于Web的内容发布系统。该系统主要用于在线协作。 SPIP 3.1.2及之前的版本中的valider_xml.php脚本存在跨站脚本漏洞。远程攻击者可借助‘var_url’参数利用该漏洞注入任意Web脚本或HTML。
Description
SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
File Snapshot

 id: CVE-2016-7981

info:
  name: SPIP <3.1.2 - Cross-Site Scripting
  author: pikpikcu
  severity: m

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.