Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-28454 PoC — Limbas 跨站脚本漏洞

Source
https://github.com/YSah44/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-
Associated Vulnerability
Title:Limbas 跨站脚本漏洞 (CVE-2022-28454)
Description:Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).
Description
CVE-2022-28454
Readme
# Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS

DESCRIPTION

Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS)
LIMBAS  ( http://www.limbas.org/ ) - 4.3.36.1319

PROOF OF CONCEMT

UPDATE/up_2_0.php the page reflexed with the XSS code

EXAMPLE PAYLOAD

1'"()&%<acx><ScRiPt >9M2m(9617)</ScRiPt>

DETAILS XSS
  
Cross-site Scripting (XSS) refers to a client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or web application. XSS occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.
File Snapshot

 [4.0K]  /data/pocs/6c059c6cc42c8f5f78cff05068b79f08cbb4a3da
└── [ 621]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →