Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.9 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

8.8CVSS7.8AI score0.69003EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2024/03/08 5:0 p.m.91 views

Metasploit Wrap-Up 03/08/2024

New module content 2 GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: 18821 contributed by n00bhaxor Path: gather/gitlabtagsrssfeedemaildisclosure AttackerKB reference: CVE-2023-5612 Description: This adds an auxiliary module that leverages an...

7.5CVSS6AI score0.99753EPSS
Exploits27
0day.today
0day.today
added 2024/03/02 12:0 a.m.505 views

BoidCMS 2.0.0 Command Injection Exploit

This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file. This module requires Metasploit:...

8.8CVSS7.1AI score0.69003EPSS
Exploits8
Metasploit
Metasploit
added 2024/03/01 7:51 p.m.387 views

BoidCMS Command Injection

This module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS version 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file. Module Options msf use exploit/multi/http/cve202338836boidcms msf...

8.8CVSS8.7AI score0.69003EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/03/01 12:0 a.m.569 views

BoidCMS 2.0.0 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BoidCMS Command Injection', 'Description' = %q This module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS version 2.0.0 and...

8.8CVSS7.4AI score0.69003EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/10/10 12:0 a.m.351 views

BoidCMS 2.0.0 Shell Upload

!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Date: 08/21/2023 Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ====...

8.8CVSS7.1AI score0.69003EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.419 views

BoidCMS v2.0.0 - authenticated file upload vulnerability

!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Date: 08/21/2023 Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ====...

8.8CVSS7AI score0.69003EPSS
Exploits8
0day.today
0day.today
added 2023/10/09 12:0 a.m.235 views

BoidCMS v2.0.0 - authenticated file upload Exploit

!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ==== file = 'file' :...

8.8CVSS8.7AI score0.69003EPSS
Exploits8
OSV
OSV
added 2023/08/21 12:0 a.m.33 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

8.8CVSS8.1AI score0.69003EPSS
Exploits8References4
Circl
Circl
added 2023/08/17 7:9 a.m.11 views

CVE-2023-38836

creationtimestamp| type| source ---|---|--- 2023-08-17 07:09:39+00:00| published-proof-of-concept| https://t.me/CNArsenal/886 2023-08-17 12:25:33+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8865 2023-08-18 17:23:51+00:00| published-proof-of-concept|...

8.8CVSS7.3AI score0.69003EPSS
Exploits8References16
GithubExploit
GithubExploit
added 2023/08/16 2:30 p.m.615 views

Exploit for Unrestricted Upload of File with Dangerous Type in Boidcms

CVE-2023-38836 Exploit File Upload vulnerability in BoidCMS v...

8.8CVSS8.6AI score0.69003EPSS
Exploits8
Rows per page
Query Builder