| عنوان | formtools.org formtools 3.1.1 SSTi |
|---|
| الوصف | Download Source Code:https://github.com/formtools/core
1. Log in as the admin user.
2. Visit the "/admin/settings/index.php?page=accounts" page, change the "Page Theme" template to "{{7*7}}", and save.
3. Visit the "/admin/clients/" page and create a user.
4. Log in as the newly created user to trigger the SSTi vulnerability. |
|---|
| المصدر | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE2-2.md |
|---|
| المستخدم | Dee.Mirage (UID 71702) |
|---|
| ارسال | 10/07/2024 05:15 PM (2 سنوات منذ) |
|---|
| الاعتدال | 20/07/2024 08:11 AM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 271991 [formtools.org Form Tools 3.1.1 Setting index.php?page=accounts Page Theme تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|