Skip to content

FORTBRIDGE-UK/concrete-cms

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

README.md

README.md

 
 

request.txt

request.txt

 
 

request2.txt

request2.txt

 
 

script.py

script.py

 
 

script2.py

script2.py

 
 

test.php

test.php

 
 

Repository files navigation

concrete-cms

Concrete5-CMS RCE (CVE-2021-22968)

Affected versions 8.5.6 and 9.0.0

Full write-up at: https://www.fortbridge.co.uk/research/multiple-vulnerabilities-in-concrete-cms-part1-rce/

Steps to reproduce

  • upload test.php somewhere accessible for the vulnerable server
  • you need a valid upload request in request.txt
  • you need to start script.py as a Turbo Intruder script - this will find the volatile dir and write the second request in request2.txt. It will also start a secondary Turbo Intruder which will run script2.py in order to find and trigger test.php on the victim server

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages