Lucene search
K

11 matches found

Github Security Blog
Github Security Blog
added 2022/03/11 12:2 a.m.25 views

Unrestricted Upload of File with Dangerous Type in Croogo

A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2 via admin/file-manager/attachments, which lets a malicious user upload a web shell script...

8.8CVSS2.9AI score0.08963EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/03/10 6:15 p.m.51 views

CVE-2021-44673

A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...

8.8CVSS0.08963EPSS
Exploits1References1
OSV
OSV
added 2022/03/10 6:15 p.m.21 views

CVE-2021-44673

A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...

8.8CVSS9AI score
Exploits0References1
Prion
Prion
added 2022/03/10 6:15 p.m.18 views

Remote code execution

A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...

6.5CVSS8.9AI score0.08963EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/10 6:4 p.m.27 views

CVE-2021-44673

A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...

9.2AI score0.08963EPSS
Exploits1References1
CVE
CVE
added 2022/03/10 6:4 p.m.110 views

CVE-2021-44673

Croogo 3.0.2 is affected by an arbitrary file upload vulnerability in the admin/file-manager/attachments path that lets a malicious user upload a PHP web shell, enabling remote code execution. Root cause: unrestricted file uploads in the attachment handler. Exploitation details and a concrete fix...

8.8CVSS8.9AI score0.08963EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2021/12/16 12:0 a.m.332 views

Croogo 3.0.2 Shell Upload

Exploit Title: Croogo 3.0.2 - Unrestricted File Upload Date: 06/12/2021 Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == 'setting-43'...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/12/16 12:0 a.m.165 views

Croogo 3.0.2 - (Multiple) Stored Cross-Site Scripting Vulnerability

Exploit Title: Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting XSS Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == 'Content-Type' Stor...

Exploits0
Exploit DB
Exploit DB
added 2021/12/16 12:0 a.m.323 views

Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting XSS Date: 06/12/2021 Exploit Author: Enes Özeser Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 ==...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/12/06 12:0 a.m.354 views

Croogo 3.0.2 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Croogo 3.0.2 - Remote Code Execution Authenticated Exploit Author: Deha Berkin Bir Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 == Tutorial $command"; ? ...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.478 views

Croogo 3.0.2 - Remote Code Execution (Authenticated)

Exploit Title: Croogo 3.0.2 - Remote Code Execution Authenticated Date: 05/12/2021 Exploit Author: Deha Berkin Bir Vendor Homepage: https://croogo.org/ Software Link: https://downloads.croogo.org/v3.0.2.zip Version: 3.0.2 Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3 ==...

7.4AI score
Exploits0
Rows per page
Query Builder