CVE-2018-17081 PoC — e107 跨站请求伪造漏洞

Source

https://github.com/himanshurahi/e107_2.1.9_CSRF_POC

Associated Vulnerability

Title:e107 跨站请求伪造漏洞 (CVE-2018-17081)
Description:e107是e107团队开发的的一套开源、免费且基于PHP和MySQL的内容管理系统（CMS）。该系统支持多种插件和外观主题，可作为个人博客、讨论社区、档案资料库等。 e107 2.1.9版本中存在跨站请求伪造漏洞。远程攻击者可通过发送e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id=请求利用该漏洞更改任意页面的标题。

Description

CVE-2018-17081

Readme

# e107_2.1.9_CSRF_POC
# CVE-2018-17081

File Snapshot


 [4.0K]  /data/pocs/af0d50129db24734f69a545007fc38b7783bf3d7
├── [ 36K]  e107_2.1.9_CSRF_POC.pdf
└── [  39]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!