Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-46209 PoC — Yakamara Media Redaxo CMS 安全漏洞

Source
https://github.com/h4ckr4v3n/CVE-2024-46209
Associated Vulnerability
Title:Yakamara Media Redaxo CMS 安全漏洞 (CVE-2024-46209)
Description:A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter.
Readme
# Redaxo Security Research (CVE-2024-46209, CVE-2024-46210)

Redaxo CMS v5.17.1 security research
Completed at 09 August 2024

Contains detailed description of:
CVE-2024-46210 - Stored Cross-Site Scripting via file Upload in MediaPool module
CVE-2024-46209 - Authenticated arbitrary code execution.
File Snapshot

 [4.0K]  /data/pocs/38d607a95682809255975db1e23b709d0836db09
├── [ 299]  README.md
└── [1.8M]  REDAXO Stored XSS + RCE.pdf

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →