CVE-2012-5321 PoC — Tiki Wiki CMS Groupware ‘url’ 参数URI重定向漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2012/CVE-2012-5321.yaml

Associated Vulnerability

Title:Tiki Wiki CMS Groupware ‘url’ 参数URI重定向漏洞 (CVE-2012-5321)
Description:Tiki Wiki CMS Groupware是Tiki软件社区的一套开源的内容管理和门户应用程序，它可用于创建Web应用程序、门户网站、企业内部网、外联网等。。 Tiki Wiki CMS Groupware 8.3版本中的tiki-featured_link.php中存在URI重定向漏洞，该漏洞源于应用程序对用户提供的输入未经充分过滤。攻击成功可能导致钓鱼攻击，也可能执行其他的攻击。

Description

tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection

File Snapshot


 id: CVE-2012-5321

info:
  name: TikiWiki CMS Groupware v8.3 - Open Redirect
  author: ctflearner
  

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!