CVE-2024-35540

CRITICAL

Typecho 1.3.0 - Stored Cross-Site Scripting

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-35540. PoCs published by cyberaz0r.

AI-analyzed exploit summary This exploit leverages a stored XSS vulnerability in Typecho 1.3.0 to inject malicious JavaScript, which then modifies the theme editor to include a PHP webshell. The attacker can execute arbitrary commands via an interactive shell.

Description

A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Exploits (2)

exploitdb WORKING POC

by cyberaz0r · gowebappsphp

https://www.exploit-db.com/exploits/52162

View Code ZIP pw:eip

This exploit leverages a stored XSS vulnerability in Typecho 1.3.0 to inject malicious JavaScript, which then modifies the theme editor to include a PHP webshell. The attacker can execute arbitrary commands via an interactive shell.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Moderate

Reliability

Reliable

Target: Typecho 1.3.0

Auth required

Prerequisites: Valid admin session cookies · Admin interaction to trigger the XSS

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

github WORKING POC 1 stars

by cyberaz0r · gopoc

https://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities

View Code ZIP pw:eip

The repository contains functional exploit code for CVE-2024-35540, targeting Typecho <= 1.3.0. The exploit demonstrates a race condition vulnerability by spamming comments with spoofed client IPs, leveraging JavaScript token calculation and concurrent HTTP requests.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Typecho <= 1.3.0

No auth needed

Prerequisites: Target URL with Typecho installation · Network access to the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/

Scores

CVSS v3 9.0

EPSS 0.0678

EPSS Percentile 91.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (2)

typecho/typecho 1.3.0 alpha

typecho/typecho < 1.2.1

Published Aug 20, 2024

Tracked Since Feb 18, 2026