CVE-2022-29004 PoC — Diary Management System 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29004.yaml

Associated Vulnerability

Title:Diary Management System 跨站脚本漏洞 (CVE-2022-29004)
Description:Diary Management System是ANUJ KUMAR个人开发者的一个电子日记管理系统。 Diary Management System v1.0 版本存在安全漏洞，该漏洞源于 search-result.php 中的 Name 参数包含跨站点脚本（XSS）问题。

Description

Diary Management System 1.0 contains a cross-site scripting vulnerability via the Name parameter in search-result.php.

File Snapshot


 id: CVE-2022-29004

info:
  name: Diary Management System 1.0 - Cross-Site Scripting
  author: TenBi

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!