CVEs-PoC/2018/CVE-2018-17049.md

CVE-2018-17049

Description

CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action.

POC

Reference

• https://github.com/TREYWANGCQU/LANKERS/issues/1

Github

No PoCs found on GitHub currently.