CVE-2024-24336 PoC — Koha Library Management System Cross-Site Scripting Vulnerability

Source
Associated Vulnerability
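Title: Koha Library Management System Cross-Site Scripting Vulnerability (CVE-2024-24336)
Description: Koha is a library automation management system from the Koha organization. Koha Library Management System 23.05.05 and earlier versions contain a cross-site scripting vulnerability. The vulnerability stems from cross-site scripting flaws in the /members/moremember.pl and /members/members-home.pl endpoints, which allow an attacker, via the Circulation note and Patrons Restriction components, to make unauthorized changes to the usernames and passwords of users of the affected pages.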
File Snapshot

[4.0K] /data/pocs/e0ebfc090dc476cc41a30b85addb60153c60cff2
├── [132K] 0.png
├── [ 98K] 1.png
├── [121K] 2.png
├── [113K] 3.png
├── [113K] 4.png
├── [118K] 5.png
├── [3.0M] 6.gif
├── [7.6K] index.html
└── [ 11K] styles.css

0 directories, 9 files