11 matches found
ISPConfig - PHP Code Injection
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled. id: CVE-2023-46818 info: name: ISPConfig - PHP Code Injection author: non-things severity: high description: | An issue was discovered...
Exploit for Code Injection in Ispconfig
CVE-2023-46818 - ISPConfig PHP Code Execution | Exploit Hi...
Exploit for Code Injection in Ispconfig
---- CVE-2023-46818...
Exploit for Code Injection in Ispconfig
---- CVE-2023-46818...
Exploit for Code Injection in Ispconfig
CVE-2023-46818 ISPConfig - PHP Code Injection PoC Exploit Ba...
Exploit for Code Injection in Ispconfig
CVE-2023-46818-Exploit This is my own exploit for CVE-2023-468...
Exploit for Code Injection in Ispconfig
CVE-2023-46818 exploit This is a python version of the origin...
ISPConfig 3.2.11 PHP Code Injection Exploit
------------------------------------------------------------------------ ISPConfig = 3.2.11 languageedit.php PHP Code Injection Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.ispconfig.org - Affected Versions: Version 3.2.11 and...
ISPConfig 3.2.11 PHP Code Injection
------------------------------------------------------------------------ ISPConfig = 3.2.11 languageedit.php PHP Code Injection Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.ispconfig.org - Affected Versions: Version 3.2.11 and...
CVE-2023-46818
creationtimestamp| type| source ---|---|--- 2023-10-27 12:26:30+00:00| seen| Telegram/lDzxx419LmTfyuLmsPSW31421MarDrsNh-ZW3fTm9VSStQ 2024-03-20 05:06:02+00:00| seen| https://t.me/CyberSecurityTechnologies/9584 2024-08-16 08:56:17+00:00| seen| https://t.me/Rootsec2/2265 2025-04-13 23:00:06+00:00|...
CVE-2023-46818
ISPConfig before 3.2.11p1 is affected by a PHP code injection in the language file editor when admin_allow_langedit is enabled. Exploitation requires an authenticated administrator and can lead to arbitrary PHP code execution, potentially full server compromise (CWE-94). Affected component: langu...