Lucene search
K

9 matches found

GithubExploit
GithubExploit
added 2021/06/14 1:50 a.m.71 views

Exploit for Unrestricted Upload of File with Dangerous Type in Intelliants Subrion_Cms

CVE-2018-19422-SubrionCMS-RCE SubrionCMS 4.2.1 Authenticated...

7.2CVSS8.7AI score0.64261EPSS
Exploits10
Check Point Advisories
Check Point Advisories
added 2021/05/27 12:0 a.m.71 views

Subrion CMS Remote Code Execution (CVE-2018-19422)

A remote code execution vulnerability exists in Subrion CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.5AI score0.64261EPSS
Exploits10
Circl
Circl
added 2021/05/17 10:24 a.m.16 views

CVE-2018-19422

creationtimestamp| type| source ---|---|--- 2021-05-17 10:24:54+00:00| seen| https://t.me/pwnwikizhchannel/447 2023-08-03 17:27:01+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/subrioncmsfileuploadrce.rb 2023-12-12 02:17:30+00:00| seen|...

7.2CVSS7.3AI score0.64261EPSS
Exploits10References4
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.1009 views

Subrion CMS 4.2.1 - Arbitrary File Upload

Exploit Title: Subrion CMS 4.2.1 - File Upload Bypass to RCE Authenticated Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE:...

7.2CVSS7.4AI score0.64261EPSS
Exploits10
0day.today
0day.today
added 2021/05/17 12:0 a.m.124 views

Subrion CMS 4.2.1 - File Upload Bypass to RCE (Authenticated) Exploit

Exploit Title: Subrion CMS 4.2.1 - File Upload Bypass to RCE Authenticated Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE: CVE-2018-19422...

7.2CVSS0.1AI score0.64261EPSS
Exploits10
Packet Storm
Packet Storm
added 2021/05/17 12:0 a.m.248 views

Subrion CMS 4.2.1 Shell Upload

Exploit Title: File Upload Bypass to RCE Authenticated Google Dork: N/A Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE :...

6.5CVSS7.2AI score0.64261EPSS
Exploits10
NVD
NVD
added 2018/11/21 9:29 p.m.19 views

CVE-2018-19422

/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these...

7.2CVSS7.3AI score0.64261EPSS
Exploits10References3
OSV
OSV
added 2018/11/21 9:29 p.m.22 views

CVE-2018-19422

/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these...

7.2CVSS7.7AI score
Exploits0References3
CVE
CVE
added 2018/11/21 12:0 a.m.178 views

CVE-2018-19422

CVE-2018-19422 affects Subrion CMS 4.2.1. The root cause is that .htaccess omits .pht and .phar from the blacklist, allowing uploaded files of these types in /panel/uploads to be executed as PHP, enabling remote code execution. Public advisories, exploit-DB entries, and Metasploit module descript...

7.2CVSS7.3AI score0.64261EPSS
Exploits10References3Affected Software1
Rows per page
Query Builder