{"uuid": "13dba775-c878-4755-ad35-1dfd80aa219e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39090", "type": "published-proof-of-concept", "source": "https://t.me/xxexm/1674", "content": "This PoC script exploits CVE-2024-39090, a CSRF to Stored XSS vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates CSRF attacks to inject persistent JavaScript payloads, which execute when a privileged user accesses the affected page, enabling actions such as session hijacking or credential theft.\n\nhttps://github.com/ghostwirez/CVE-2024-39090-PoC", "creation_timestamp": "2024-11-29T17:35:07.000000Z"}