Dear_hu

3 exploits Active since Jul 2021
CVE-2021-37392 WRITEUP MEDIUM WORKING POC
RPCMS < 1.8 - Stored Cross-Site Scripting via Nickname Variable
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.
CVSS 5.4
CVE-2021-37393 WRITEUP MEDIUM WORKING POC
rpcms < 1.8 - Stored Cross-Site Scripting via Nickname Variable
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. Attacker can use "update password" function to inject XSS payloads into nickname variable, and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.
CVSS 5.4
CVE-2021-37394 WRITEUP HIGH WORKING POC
rpcms < 1.8 - Unauthenticated Privilege Escalation via Role Parameter Manipulation
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration.
CVSS 8.8