4 matches found
Wonder CMS 2.3.1 Host Header Injection
Exploit Title: Wonder CMS 2.3.1 Host Header Injection Date: 30-01-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.wondercms.com/ Version: 2.3.1 CVE : CVE-2017-14523 Category: Webapp CMS 1...
Wonder CMS 2.3.1 - 'Host' Header Injection
Exploit Title: Wonder CMS 2.3.1 Host Header Injection Date: 30-01-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.wondercms.com/ Version: 2.3.1 CVE : CVE-2017-14523 Category: Webapp CMS 1...
CVE-2017-14523
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrator as a self attack...
CVE-2017-14523
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection that allows host header manipulation to redirect pages. The CVE entry notes exploitation is unlikely because the attack would originate from a local machine or an administrator (self-attack). Public exploit references (Exploit-DB/Pack...