9 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Intelliants Subrion_Cms
CVE-2018-19422-SubrionCMS-RCE SubrionCMS 4.2.1 Authenticated...
Subrion CMS Remote Code Execution (CVE-2018-19422)
A remote code execution vulnerability exists in Subrion CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2018-19422
creationtimestamp| type| source ---|---|--- 2021-05-17 10:24:54+00:00| seen| https://t.me/pwnwikizhchannel/447 2023-08-03 17:27:01+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/subrioncmsfileuploadrce.rb 2023-12-12 02:17:30+00:00| seen|...
Subrion CMS 4.2.1 - Arbitrary File Upload
Exploit Title: Subrion CMS 4.2.1 - File Upload Bypass to RCE Authenticated Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE:...
Subrion CMS 4.2.1 - File Upload Bypass to RCE (Authenticated) Exploit
Exploit Title: Subrion CMS 4.2.1 - File Upload Bypass to RCE Authenticated Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE: CVE-2018-19422...
Subrion CMS 4.2.1 Shell Upload
Exploit Title: File Upload Bypass to RCE Authenticated Google Dork: N/A Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE :...
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these...
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these...
CVE-2018-19422
CVE-2018-19422 affects Subrion CMS 4.2.1. The root cause is that .htaccess omits .pht and .phar from the blacklist, allowing uploaded files of these types in /panel/uploads to be executed as PHP, enabling remote code execution. Public advisories, exploit-DB entries, and Metasploit module descript...