CVE-2017-12792 PoC — NexusPHP 跨站请求伪造漏洞

Source

https://github.com/ZZS2017/cve-2017-12792

Associated Vulnerability

Title:NexusPHP 跨站请求伪造漏洞 (CVE-2017-12792)
Description:NexusPHP是中国Nexus团队开发的一套使用PHP编写的资源分享社区解决方案。 NexusPHP 1.5版本中存在多个跨站请求伪造漏洞。远程攻击者可借助‘linkname’、‘url’或‘title’参数利用该漏洞执行未授权的操作。

Description

NexusPHP CSRF+XSS

Readme

# cve-2017-12792

File Snapshot


 [4.0K]  /data/pocs/a0626a053d3cca0474297b45a4f129e6fa579a30
├── [ 579]  index.html
├── [  17]  README.md
└── [457K]  The_Vulnerabilitie_of_NexusPHP.docx

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!