CVE-2024-35538 PoC — typecho 安全漏洞

Source

https://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities

Associated Vulnerability

Title:typecho 安全漏洞 (CVE-2024-35538)
Description:typecho是typecho个人开发者的一个 PHP 博客平台。简单而强大。 typecho 1.3.0及之前版本存在安全漏洞，该漏洞源于包含一个客户端IP欺骗漏洞，允许攻击者在执行HTTP请求时通过将任意IP指定为X-Forwarded-For或Client-Ip标头的值来伪造其IP地址。

Description

Exploits for Typecho CVE-2024-35538, CVE-2024-35539 and CVE-2024-35540

Readme

# Typecho Multiple Vulnerabilities
This repository contains the exploits of the following vulnerabilities:
* **CVE-2024-35538:** In Typecho v1.3.0 there is a Client IP Spoofing vulnerability, which allows malicious actors to falsify their IP addresses by specifying an arbitrary IP as value of "X-Forwarded-For" or "Client-Ip" headers while performing HTTP requests.
* **CVE-2024-35539:** In Typecho v1.3.0 there is a Race Condition vulnerability in the post commenting functionality, which allows an attacker to post several comments before the spam protection checks if the comments are posted too frequently.
* **CVE-2024-35540:** In Typecho v1.3.0 there is a Stored Cross-Site Scripting vulnerability in the post writing functionality, which allows an attacker with post writing privileges to inject arbitrary JavaScript code inside the preview of a post.

File Snapshot


 [4.0K]  /data/pocs/89f20b47cdea8f6c4295445067c29defb950ea5a
├── [4.5K]  CVE-2024-35538.go
├── [4.6K]  CVE-2024-35539.go
├── [6.8K]  CVE-2024-35540.go
├── [ 34K]  LICENSE
└── [ 860]  README.md

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!