关联漏洞
标题:puppyCMS 跨站脚本漏洞 (CVE-2022-3464)Description:puppyCMS是一个应用软件。一个平面文件CMS。 puppyCMS 5.1之前版本存在安全漏洞,该漏洞源于文件 /admin/settings.php 的未知部分,操作参数 site_name 导致跨站脚本 (XSS)。
Description
A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-2 CVE project by @Sn0wAlice
介绍
# CVE-2022-3464
A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-210699.
| authentication | complexity | vector |
| --- | --- | --- |
| not available | not available | not available |
| confidentiality | integrity | availability |
| --- | --- | --- |
| not available | not available | not available |
## CVSS Score: **not available**
## References
* https://vuldb.com/?id.210699
## Brut File
* [CVE-2022-3464.json](./data_brut.json)
## About this repository
This repository is part of the project [Live Hack CVE](https://github.com/Live-Hack-CVE). Made by [Sn0wAlice](https://github.com/Sn0wAlice) for the people that care about security and need to have a feed of the latest CVEs. Hope you enjoy it, don't forget to star the repo and follow me on [Twitter](https://twitter.com/Sn0wAlice) and [Github](https://github.com/Sn0wAlice)
文件快照
[4.0K] /data/pocs/935e5385d5e0b3b63711ef8b91b0bc8f8fff8ccb
├── [1.2K] data_brut.json
└── [1.1K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。