CVE-2023-51504 PoC — WordPress plugin Dans Embedder for Google Calendar 跨站脚本漏洞

Source

https://github.com/Sybelle03/CVE-2023-51504

Associated Vulnerability

Title:WordPress plugin Dans Embedder for Google Calendar 跨站脚本漏洞 (CVE-2023-51504)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Dans Embedder for Google Calendar 存在跨站脚本漏洞。攻击者利用该漏洞可以向页面注入代码。

Description

This is a dockerized reproduction of the MotoCMS SQL injection (cf exploit db)

Readme

# CVE-2023-51504
This is a dockerized reproduction of the MotoCMS SQL injection (cf exploit db) 

# Description
MotoCMS Version 3.4.3 SQL Injection via the keyword parameter on the link https://template189526.motopreview.com/store/category/search/?keyword=1

Reproducing the vulnerability involved defining (in a Dockerfile) the commands or instructions needed to reproduce a kali linux machine and run sqlmap in order to detect and display the results of the vulnerability.

To get the results, run the command 

```docker run -d sybelle20/cve-2023-51504:motocms-sqli```

File Snapshot


 [4.0K]  /data/pocs/44ab0c81de28ed711c7b8d1be6d9412888d59dad
├── [4.0K]  motocms-sqli-vul
│   └── [ 541]  Dockerfile
└── [ 572]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!