Lucene search

K
githubexploit06205348-D076-510F-AF65-F8442B0BC2EA
HistorySep 04, 2024 - 7:59 p.m.

Exploit for Cross-Site Request Forgery (CSRF) in Concretecms Concrete Cms

2024-09-0419:59:29
11
cve-2017-5638
cross-site request forgery
concrete cms
remote code execution
content-type header
ognl expressions
full system compromise
poc script
vulnerable environment
unauthorized use

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

CVE-2017-5638 Apache Struts 2 RCE Proof of Concept

This repos…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High