DedeCMS - Open Redirect

By kannthu

Medium
Vidoc Module
#dedecms #redirect
Description
Author: pikpikcu

Classification
CWE-ID: CWE-601
CVSS-Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS-Score: 6.1

DedeCMS contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.

Reference
- https://blog.csdn.net/ystyaoshengting/article/details/82734888

Metadata
max-request: 1
verified: true
shodan-query: http.html:"power by dedecms" || title:"dedecms"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /plus/download.php?o...
Matching conditions
word: Location: https://interact.shand
status: 302
Passive global matcher
No matching conditions.
On match action
Report vulnerability