Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-51504. PoCs published by Sybelle03.
AI-analyzed exploit summary This repository provides a Dockerized environment to reproduce and scan for CVE-2023-51504, a SQL injection vulnerability in MotoCMS Version 3.4.3. It uses sqlmap to detect and exploit the vulnerability via the 'keyword' parameter in the search endpoint.
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Dulaney Dan's Embedder for Google Calendar allows Stored XSS.This issue affects Dan's Embedder for Google Calendar: from n/a through 1.2.
Exploits (1)
This repository provides a Dockerized environment to reproduce and scan for CVE-2023-51504, a SQL injection vulnerability in MotoCMS Version 3.4.3. It uses sqlmap to detect and exploit the vulnerability via the 'keyword' parameter in the search endpoint.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L