CVE-2023-33405 PoC — BlogEngine 输入验证错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-33405.yaml

Associated Vulnerability

Title:BlogEngine 输入验证错误漏洞 (CVE-2023-33405)
Description:BlogEngine是一套开源的ASP.NET博客系统。该系统支持Ajax评论、自定义主题等。 BlogEngine 3.3.8.0及之前版本存在安全漏洞，该漏洞源于容易受到开放重定向的影响。

Description

Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect

File Snapshot


 id: CVE-2023-33405

info:
  name: BlogEngine CMS - Open Redirect
  author: Shankar Acharya
  severit

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!