CVE-2023-36347 PoC — POS Codekop 访问控制错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-36347.yaml

Associated Vulnerability

Title:POS Codekop 访问控制错误漏洞 (CVE-2023-36347)
Description:POS Codekop是一款应用程序。 POS Codekop v2.0版本存在安全漏洞，该漏洞源于损坏的身份验证机制，允许未经身份验证的攻击者下载销售数据。

Description

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.

File Snapshot


 id: CVE-2023-36347

info:
  name: POS Codekop v2.0 - Broken Authentication
  author: princechaddha
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.