.. / CVE-2012-5321

Exploit for TikiWiki CMS Groupware v8.3 - Open Redirect (CVE-2012-5321)

Description:

tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka “frame injection

Nuclei Template

View the template here CVE-2012-5321.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2012/CVE-2012-5321.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2012-5321
http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/73403
https://www.exploit-db.com/exploits/36848

.. / CVE-2012-5321 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for TikiWiki CMS Groupware v8.3 - Open Redirect (CVE-2012-5321)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2012-5321