Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
- http://packetstormsecurity.com/files/162591/Subrion-CMS-4.2.1-Shell-Upload.html
- http://packetstormsecurity.com/files/173998/Intelliants-Subrion-CMS-4.2.1-Remote-Code-Execution.html
- https://github.com/0xD13/OSCP-Prep-Guide
- https://github.com/AlienTec1908/Adria.HackMyVM
- https://github.com/AyslanBatista/rust-offsec
- https://github.com/Drew-Alleman/CVE-2018-19422
- https://github.com/Mr-Tree-S/POC_EXP
- https://github.com/RajatSethi2001/FUSE
- https://github.com/Swammers8/SubrionCMS-4.2.1-File-upload-RCE-auth-
- https://github.com/VictoriaKlyueva/TryHackMe-and-Hack-the-Box
- https://github.com/WSP-LAB/FUSE
- https://github.com/h3v0x/CVE-2018-19422-SubrionCMS-RCE
- https://github.com/hev0x/CVE-2018-19422-SubrionCMS-RCE
- https://github.com/n0-traces/cve_monitor
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/superlink996/chunqiuyunjingbachang