Gerasimov Alexandr
Gerasimov Alexandr
Hi, dev team! There is Path Traversal vulnerability in `wcms/wcms/wex/cssjs.php` file. The vulnerable code is: 31: `$path = $_GET['path'];` 32: `$html_from_template = htmlspecialchars(file_get_contents($path));` 61: `:code=''` Example POC: ``` ``` A...
Hi, dev team! There is SSRF Vulnerability in `wcms/wcms/wex/cssjs.php` file. The vulnerable code is: 31: `$path = $_GET['path'];` 32: `$html_from_template = htmlspecialchars(file_get_contents($path));` 61: `:code=''` Example POC: ``` ``` Server Side...
Hi, dev team! There is Reflected XSS vulnerability in `wcms/wex/html.php` file. The vulnerable code is: wcms/wex/core/classes/Pagename.php:16: `$_SESSION['pagename'] = $_POST['pagename'];` wcms/wex/core/classes/Pagename.php:20: `$GLOBALS['pagename'] = $_SESSION['pagename'];` wcms/wex/html.php:52: `path=''` Example POC: Just send any...
Hi, dev team! There is SSRF Vulnerability in `wcms/wcms/wex/html.php` file. The vulnerable code is: wcms/wex/core/classes/Pagename.php:16: `$_SESSION['pagename'] = $_POST['pagename'];` wcms/wex/core/classes/Pagename.php:20: `$GLOBALS['pagename'] = $_SESSION['pagename'];` wcms/wex/html.php:17: `$html_from_template = htmlspecialchars(file_get_contents($GLOBALS['pagename']));` Example POC: ``` ```...
Hi, dev team! There is Path Traversal vulnerability in `wcms/wex/html.php` file. The vulnerable code is: wcms/wex/core/classes/Pagename.php:16: `$_SESSION['pagename'] = $_POST['pagename'];` wcms/wex/core/classes/Pagename.php:20: `$GLOBALS['pagename'] = $_SESSION['pagename'];` wcms/wex/html.php:17: `$html_from_template = htmlspecialchars(file_get_contents($GLOBALS['pagename']));` wcms/wex/html.php:51: `:code=''` Example...
Hi, dev team! There is Reflected XSS vulnerability in `wcms/wcms/wex/cssjs.php` file. The vulnerable code is: 64: `type=''>` Example POC: Just send any js code in `type` parameter like: `type=alert()` Reflected...