bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/26103.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

14 lines
No EOL
631 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/14490/info
SysCP is affected by multiple script execution vulnerabilities.
The following specific vulnerabilities were identified:
The application is affected by a remote file include vulnerability. An attacker can include remote script code and execute it in the context of an affected server.
Another script code execution vulnerability may allow an attacker to call arbitrary functions and scripts by bypassing a PHP eval() statement.
SysCP 1.2.10 and prior versions are prone to these vulnerabilities.
The following string is sufficient to bypass the eval() call:
{${phpinfo();}}
Reference in a new issue View git blame Copy permalink