CVE-2020-29070 PoC — osCommerce 跨站脚本漏洞

Source

https://github.com/aslanemre/cve-2020-29070

Associated Vulnerability

Title:osCommerce 跨站脚本漏洞 (CVE-2020-29070)
Description:osCommerce是一套基于GNUGPL授权的开源在线购物电子商务解决方案。 osCommerce 2.3.4.1版本存在跨站脚本漏洞，该漏洞源于通过身份验证的用户将XSS有效负载输入到新闻通讯的标题部分。

Description

CVE-2020-29070 write-up.

Readme

# CVE-2020-29070
CVE-2020-29070 write-up.

File Snapshot


 [4.0K]  /data/pocs/e4b699a6666ff265b810a3d47a88f91b6436ce20
├── [7.0K]  CVE-2020-29070
├── [ 34K]  LICENSE
└── [  42]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!