Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exploit file upload vulnerability getshell
Vulnerability details:
In the administration backend, you can upload malicious builds of zip files in the plugin administration page.
Vulnerability url: http://127.0.0.1/po-admin/admin.php?mod=component&act=addnew
Steps:
First you need to have backend access
Prepare zip file containing malicious php
Caricamento di file in Componenti/Aggiungi componente
Next, you can find the php file at http://127.0.0.1/po-content/component/Component_Name/file_name Find the php file
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Exploit file upload vulnerability getshell
Vulnerability details:
In the administration backend, you can upload malicious builds of zip files in the plugin administration page.
Vulnerability url: http://127.0.0.1/po-admin/admin.php?mod=component&act=addnew
Steps:
First you need to have backend access
Prepare zip file containing malicious php
Caricamento di file in Componenti/Aggiungi componente
Next, you can find the php file at http://127.0.0.1/po-content/component/Component_Name/file_name Find the php file
The text was updated successfully, but these errors were encountered: