Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-7269 PoC — Boka SiteEngine api.php文件输入验证漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2008/CVE-2008-7269.yaml
Associated Vulnerability
Title:Boka SiteEngine api.php文件输入验证漏洞 (CVE-2008-7269)
Description:SiteEngine(网站引擎)是一款智能化网络营销型网站建设管理平台软件。 SiteEngine 5.x版本中的api.php文件中存在开放重定向漏洞。用户协助的远程攻击者可以借助logout操作的forward参数中的URL,重定向用户到任意web站点并进行钓鱼攻击。
Description
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action.
File Snapshot

 id: CVE-2008-7269

info:
  name: UC Gateway Investment SiteEngine v5.0 - Open Redirect
  author: ctf

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.