Boogipop changed the title from "The Codefeve has a Remote Command Execute Vulnerability In latest version" to "The Codefever has a Remote Command Execute Vulnerability In latest version" on Dec 5, 2023
Vul Path
/application/controllers/reposity.php
/application/controllers/repository_model.php
Exploit Reproduction
Attackers can gain shell access to the server by creating a custom email account.
First, register a malicious account.
Then, we just need to create a repository group and a repository.
Next, access the "Create Merge Request" interface.
Ultimately, the malicious code is executed.
Finally, we can get a reverse shell.
Vul Point
Useless Regex Pattern leads to RCE