8 matches found
CVE-2024-35540
A stored cross-site scripting XSS vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
📄 Typecho 1.3.0 Cross Site Scripting
Typecho versions 1.3.0 and below suffer from a persistent cross site scripting vulnerability. // Exploit Title: Typecho = 1.3.0 Stored Cross-Site Scripting XSS // Google Dork: intext:"Powered by Typecho" inurl:/index.php // Date: 18/08/2024 // Exploit Author: Michele 'cyberaz0r' Di Bonaventura //...
Typecho 1.3.0 - Stored Cross-Site Scripting (XSS)
Exploit Title: Typecho 1.3.0 - Stored Cross-Site Scripting XSS Google Dork: intext:"Powered by Typecho" inurl:/index.php Date: 18/08/2024 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://typecho.org Software Link: https://github.com/typecho/typecho Version: 1.3.0 Tested...
CVE-2024-35540
creationtimestamp| type| source ---|---|--- 2024-08-20 17:58:39+00:00| seen| https://t.me/cvedetector/3665 2024-09-10 04:24:15+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8295 2025-04-11 21:02:20+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4brjyh2c...
CVE-2024-35540
A stored cross-site scripting XSS vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-35540
A stored cross-site scripting XSS vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-35540
A stored cross-site scripting XSS vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-35540
Typecho 1.3.0 (and earlier) is affected by a stored XSS vulnerability in the post writing/preview flow (CVE-2024-35540). An attacker with post writing privileges can inject arbitrary JavaScript/HTML via a crafted payload, potentially compromising user sessions or data. Evidence across multiple so...