CVE-2023-26262 PoC — Sitecore 代码问题漏洞

Source

https://github.com/istern/CVE-2023-26262

Associated Vulnerability

Title:Sitecore 代码问题漏洞 (CVE-2023-26262)
Description:Sitecore是丹麦Sitecore公司的一套在线营销内容管理系统（CMS）。该系统支持内容编辑、多种语言、多网站部署、数字资产管理等。 Sitecore XP/XM 10.3版本存在安全漏洞，该漏洞源于存在不受限制的文件上传漏洞，攻击者利用该漏洞可以导致在内容管理(CM)服务器上直接执行代码。

File Snapshot


 [4.0K]  /data/pocs/89ecde07e36470aa9a97321ec4515aaf0e430d30
├── [4.0K]  images
│   ├── [3.4M]  1.png
│   ├── [918K]  2.png
│   ├── [2.0M]  3.png
│   ├── [2.6M]  4.png
│   ├── [ 84K]  runcmd.png
│   ├── [ 45K]  sitecoreinfo.png
│   ├── [ 62K]  toolbox1.png
│   ├── [105K]  toolbox2.png
│   ├── [ 19K]  u1.png
│   ├── [ 48K]  u2.png
│   ├── [ 20K]  u3.png
│   └── [ 12K]  u4.png
└── [3.1K]  ReadMe.md

1 directory, 13 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-26262 PoC — Sitecore 代码问题漏洞

Source

Associated Vulnerability

File Snapshot

Remarks