Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-24288 PoC — Acyba AcyMailing 输入验证错误漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-24288.yaml
Associated Vulnerability
Title:Acyba AcyMailing 输入验证错误漏洞 (CVE-2021-24288)
Description:Acyba AcyMailing是法国Acyba团队的一套新闻通讯和营销自动化软件。 AcyMailing 存在输入验证错误漏洞,该漏洞源于AcyMailing进行订阅时redirect参数未正确清除。
Description
WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sanitization of the redirect parameter. An attacker turning the request from POST to GET can craft a link containing a potentially malicious landing page and send it to the user.
File Snapshot

 id: CVE-2021-24288

info:
  name: WordPress AcyMailing <7.5.0 - Open Redirect
  author: 0x_Akoko
  s

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.