Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-0957 PoC — Adobe Experience Manager Dispatcher 安全漏洞

Source
https://github.com/fuckwbored/CVE-2016-0957-payloads
Associated Vulnerability
Title:Adobe Experience Manager Dispatcher 安全漏洞 (CVE-2016-0957)
Description:Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.
Readme
![image](https://github.com/user-attachments/assets/8c25f3a1-7e0e-4ad8-803e-cfc50caf7e84)

Use this payloads to bypass AEM 403/404 with the help of CVE-2016-0957

As example, .json path was 404 . But with the help of this payloads, i found, that it exists
![image](https://github.com/user-attachments/assets/9f537549-5fe0-4fe8-9c43-7d9f61df5572)


# You can add extensions like this too:
/bin/querybuilder.json => /bin/querybuilder.json.gif

/bin/querybuilder.json => /bin/querybuilder.json.css

And this will bypass dispatcher :)
File Snapshot

 [4.0K]  /data/pocs/bc0ecbf0a0fed76ca224d7b3918389039df0f2c4
├── [1.3K]  payloads.txt
└── [ 531]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →