nuclei-templates icon indicating copy to clipboard operation
nuclei-templates copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

Create CVE-2017-11586.yaml

Open Akokonunes opened this issue 2 years ago • 1 comments

Template / PR Information

The attack can be initiated remotely. No form of authentication is required for a successful exploitation.

Vendor Homepage : http://www.finecms.net/

  • Reference:
    • http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse
    • https://www.cvedetails.com/cve/CVE-2017-11586
    • https://vuldb.com/?id.104434

Template Validation

I've validated this template locally?

  • [x] YES

Akokonunes avatar Aug 07 '22 07:08 Akokonunes

Hello @Akokonunes, Thank you for sharing this template with us 👍, but this open redirect too would work after the successful login, as written in the POC of this reference here. Please try to add a login request.

ritikchaddha avatar Aug 08 '22 06:08 ritikchaddha