CVE-2014-8069 YOOtheme Pagekit CMS 0.8.7 XSS漏洞

From PwnWiki

INFO

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATH_INFO to index.php.


EXP

https://github.com/JustYoomoon/Exploit/blob/main/CVE-2014-8609.zip

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2014-8069_YOOtheme_Pagekit_CMS_0.8.7_XSS漏洞&oldid=1158"