144 matches found

Check Point Advisories
added 2021/04/05 12:0 a.m. | 8 views

Codiad Remote Code Execution (CVE-2018-14009; CVE-2017-11366; CVE-2017-15689)

A remote code execution vulnerability exists in Codiad. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 | AI score 6.4 | EPSS 0.50417
Exploits: 8
Packet Storm
added 2021/03/24 12:0 a.m. | 637 views

Codiad 2.8.4 Remote Code Execution

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests import...

CVSS 10 | AI score 0.2 | EPSS 0.50417
Exploits: 4
Exploit DB
added 2021/03/23 12:0 a.m. | 437 views

Codiad 2.8.4 - Remote Code Execution (Authenticated)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests import...

CVSS 10 | AI score 9.6 | EPSS 0.50417
Exploits: 4
0day.today
added 2021/03/23 12:0 a.m. | 214 views

Codiad 2.8.4 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated Discovery by: WangYihang Vendor Homepage: http://codiad.com/ Software Links : https://github.com/Codiad/Codiad/releases Tested Version: Version: 2.8.4 CVE: CVE-2018-14009 !/usr/bin/env python encoding: utf-8 import requests...

CVSS 10 | AI score 0.3 | EPSS 0.50417
Exploits: 4
NVD
added 2021/01/27 4:15 p.m. | 7 views

CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

CVSS 7.5 | AI score 7.7 | EPSS 0.00234
Exploits: 0 | References: 1
OSV
added 2021/01/27 4:15 p.m. | 8 views

CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

CVSS 7.5 | AI score 7.1
Exploits: 0 | References: 1
Prion
added 2021/01/27 4:15 p.m. | 8 views

Authentication flaw

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

CVSS 4.3 | AI score 7.7 | EPSS 0.00234
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2021/01/27 3:26 p.m. | 45 views

CVE-2020-23355

CVE-2020-23355 affects Codiad 2.8.4, where in the file /componetns/user/class.user.php the Authenticate() function is vulnerable to a magic hash authentication bypass. Encrypted or hashed passwords that take certain formats (e.g., 0e123 or 0e234) can bypass authentication. Multiple connected advi...

CVSS 7.5 | AI score 7.7 | EPSS 0.00234
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/01/27 3:26 p.m. | 17 views

CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

AI score 7.7 | EPSS 0.00234
Exploits: 0 | References: 1
CNNVD
added 2021/01/27 12:0 a.m. | 1 views

Codiad License Issues Vulnerability

Codiad is a website builder from the Codiad team that provides Web-based IDE functionality. A security vulnerability exists in Codiad 2.8.4, which stems from class.user.php:Authenticate being vulnerable in a magic hash authentication bypass...

CVSS 7.5 | AI score 7.1 | EPSS 0.00234
Exploits: 0 | References: 2
Gitee
added 2020/11/24 4:49 p.m. | 11 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Affected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - String parsing - Deeper modularization - Context stack maintenance - Logging - Auto-completion - Exploit search - Wiki -...

CVSS 9.8 | AI score 6.9 | EPSS 0.93929
Exploits: 102
Gitee
added 2020/09/26 9:18 p.m. | 10 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Affected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - String parsing - Deeper modularization - Context stack maintenance - Logging - Auto-completion - Exploit search - Wiki -...

CVSS 9.8 | AI score 9.2 | EPSS 0.93929
Exploits: 102
OSV
added 2020/08/25 3:15 p.m. | 9 views

CVE-2020-14042

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting XSS vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no...

CVSS 6.1 | AI score 5.9
Exploits: 0 | References: 3
NVD
added 2020/08/25 3:15 p.m. | 9 views

CVE-2020-14042

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting XSS vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no...

CVSS 6.1 | AI score 6 | EPSS 0.00336
Exploits: 1 | References: 3
Prion
added 2020/08/25 3:15 p.m. | 12 views

Cross site scripting

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting XSS vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no...

CVSS 4.3 | AI score 6 | EPSS 0.00336
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2020/08/25 2:43 p.m. | 43 views

CVE-2020-14042

Codiad v1.7.8 and later contains a Cross‑Site Scripting (XSS) vulnerability due to improper sanitization of the folder name path variable in components/filemanager/class.filemanager.php. Implication: attacker could inject HTML/JS via the affected path, with potential impact depending on where th...

CVSS 6.1 | AI score 6 | EPSS 0.00336
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2020/08/25 2:43 p.m. | 11 views

CVE-2020-14042

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting XSS vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no...

AI score 6 | EPSS 0.00336
Exploits: 1 | References: 3
Positive Technologies
added 2020/08/25 12:0 a.m. | 1 views

PT-2020-13860 · Codiad · Codiad

Name of the Vulnerable Software and Affected Versions: Codiad versions 1.7.8 and later Description: A Cross Site Scripting XSS issue was found due to improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. The vendor states that Codiad is no long...

CVSS 6.1 | AI score 5.9 | EPSS 0.00336
Exploits: 1 | References: 10
OSV
added 2020/08/24 4:15 p.m. | 7 views

CVE-2020-14043

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Request Forgery CSRF vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn't CSRF protected in components/market/controller.php. This might cause admins...

CVSS 8.8 | AI score 7.8
Exploits: 0 | References: 3
NVD
added 2020/08/24 4:15 p.m. | 12 views

CVE-2020-14044

PRODUCT NOT SUPPORTED WHEN ASSIGNED A Server-Side Request Forgery SSRF vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in...

CVSS 7.2 | AI score 7.4 | EPSS 0.02395
Exploits: 1 | References: 3