Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-53617 PoC — LibrePhotos 安全漏洞

Source
https://github.com/ii5mai1/CVE-2024-53617
Associated Vulnerability
Title:LibrePhotos 安全漏洞 (CVE-2024-53617)
Description:A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload.
Readme
# CVE-2024-53617: Stored XSS in LibrePhotos before version 2024w47

LibrePhotos before version 2024w47 has a stored XSS (Cross-site Scripting) allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload.

References:
- https://github.com/LibrePhotos/librephotos/pull/1476
- https://github.com/LibrePhotos/librephotos/commit/32237ddc0b6293a69b983a07b5ad462fcdd6c929
File Snapshot

 [4.0K]  /data/pocs/ab417eb201766e32a46d114a45c866134034c4e4
├── [  70]  exploit.rwz
├── [1.2K]  poc.py
└── [ 426]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →