Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
The attached exploit "exploit.py" performs the following actions:
prodigiousMind
prodigiousMind
/ CVE-2023-41425.md
Last active
December 30, 2024 09:34
CVE-2023-41425 (WonderCMS Remote Code Execution) - PoC