#利用标题: Pyocms v3.0.1-存储的XSS
#日期: 2023-11-25
#利用作者: TMRSWRR
#类别: WebApps
#供应商homepage3360 https://pyrocms.com/
#版本: v3.0.1
#测试在: https://www.softaculous.com/apps/cms/pyrocms
--------------------------------------------------------------------------------------------------------------------------------------------------------
1-Login Admin面板,转到此URL : https://127.0.0.0.1/public/admin/redirects/edit/1
从字段重定向2-WRITE您的有效载荷: SVG/仅=1 onload=确认(1)//
3-save it并转到此URL : https://127.0.0.0.1/public/admin/redirects
4您将看到警报按钮
#日期: 2023-11-25
#利用作者: TMRSWRR
#类别: WebApps
#供应商homepage3360 https://pyrocms.com/
#版本: v3.0.1
#测试在: https://www.softaculous.com/apps/cms/pyrocms
--------------------------------------------------------------------------------------------------------------------------------------------------------
1-Login Admin面板,转到此URL : https://127.0.0.0.1/public/admin/redirects/edit/1
从字段重定向2-WRITE您的有效载荷: SVG/仅=1 onload=确认(1)//
3-save it并转到此URL : https://127.0.0.0.1/public/admin/redirects
4您将看到警报按钮