DedeCMS v5.7 carbuyaction 存儲型XSS漏洞

From PwnWiki
Revision as of 10:08, 10 April 2021 by Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==前提條件== 需要站點啟用商城功能。 </translate> <translate> ==漏洞利用== </translate> <translate> 首先管理員添加一...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎español • ‎한국어

前提條件

需要站點啟用商城功能。

漏洞利用

首先管理員添加一項商城的商品:

Add good.png

前台用戶選定商品添加購物車:

Add shopcar.png


利用:

Edit address.png


Xssed.png


Back xssed.png

Retrieved from "https://pwnwiki.com/index.php?title=DedeCMS_v5.7_carbuyaction_存儲型XSS漏洞&oldid=1360"