Olá, Visitante!         Registrar

Avaliação do Tópico:
  • 0 votos - 0 Média
  • 1
  • 2
  • 3
  • 4
  • 5
[RSS]October CMS Upload Protection Bypass Code Execution
Poster  

*


Mensagens: 1.061
Tópicos: 1.061
Registrado: Setembro 2017
Likes 0
Nível de Aviso:


Creditos: 18,71
#1
[RSS]October CMS Upload Protection Bypass Code Execution
October CMS Upload Protection Bypass Code Execution

This Metasploit module exploits an Authenticated user with permission to upload and manage media contents can upload various files on the server. Application prevents the user from uploading PHP code by checking the file extension. It uses black-list based approach, as seen in octobercms/vendor/october/rain/src/Filesystem/ Definitions.php:blockedExtensions(). This module was tested on October CMS version version 1.0.412 on Ubuntu.


https://packetstormsecurity.com/files/15...xec.rb.txt

11-09-2019, 06:28
Procurar Responder


Possíveis Tópicos Relacionados...
Tópico: Autor Respostas: Visualizações: Última Mensagem
  [RSS]eWON Flexy 13.0 Authentication Bypass Poster 0 0 3 horas atrás
Última Mensagem: Poster
  [webapps] FileThingie 2.5.7 - Arbitrary File Upload Poster 0 0 3 horas atrás
Última Mensagem: Poster
  [webapps] YouPHPTube 7.4 - Remote Code Execution Poster 0 6 11-09-2019, 15:11
Última Mensagem: Poster
  [RSS]FusionPBX 4.4.8 Remote Code Execution Poster 0 5 10-09-2019, 15:00
Última Mensagem: Poster
  [webapps] Sentrifugo 3.2 - File Upload Restriction Bypass Poster 0 8 10-09-2019, 10:08
Última Mensagem: Poster

Saltar Fórum:


usuários a ver este tópico: 1 Visitante(s)