CVEs-PoC/2017/CVE-2017-16815.md at e7be3f24665f27f4f8a571f070ce04dfd1f54dc4

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-11 08:27:12 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30 for WordPress has XSS because the values "url_new" (/wp-content/plugins/duplicator/installer/build/view.step4.php) and "logging" (wp-content/plugins/duplicator/installer/build/view.step2.php) are not filtered correctly.

POC

Reference

https://packetstormsecurity.com/files/144914/WordPress-Duplicator-Migration-1.2.28-Cross-Site-Scripting.html

Github

No PoCs found on GitHub currently.

850 B Raw Blame History

CVE-2017-16815

Description

POC

Reference

Github

850 B

Raw Blame History