admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update GobyVuls-Document.md

Browse Source
This commit is contained in:
Goby 2024-06-12 19:00:47 +08:00 committed by GitHub
parent 13b52df615
commit 291e44369d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
GobyVuls-Document.md
View File

@ -2,7 +2,20 @@
The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing. The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
**Updated document date: May 30, 2024** **Updated document date: June 12, 2024**
## XAMPP PHP-CGI Windows Code Execution Vulnerability
| **Vulnerability** | XAMPP PHP-CGI Windows Code Execution Vulnerability |
| :----: | :-----|
| **Chinese name** | XAMPP Windows PHP-CGI 代码执行漏洞 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [ app="php-CGI"](https://en.fofa.info/result?qbase64=aGVhZGVyPSJYYW1wcHNfaW5mbyIgfHwgYmFubmVyPSJYYW1wcHNfaW5mbyIgfHwgYm9keT0iL3hhbXBwcy5qcGciIHx8IChoZWFkZXI9ImxvY2F0aW9uIGh0dHAiICYmIGhlYWRlcj0ieGFtcHAiKSB8fCBib2R5PSJjb250ZW50PVwiS2FpIE9zd2FsZCBTZWlkbGVyIiB8fCB0aXRsZT0iWEFNUFAgZm9yIiB8fCB0aXRsZT0iWEFNUFAgVmVyc2lvbiIgfHwgYm9keT0iZm9udC1zaXplOiAxLjJlbTsgY29sb3I6IHJlZDtcIj5OZXcgWEFNUFAiIHx8IGhlYWRlcj0ieGFtcHAgdXNlciIgfHwgdGl0bGU9IldlbGNvbWUgdG8gWEFNUFAiIHx8IGJvZHk9ImNvbnRlbnQ9XCJYQU1QUCAiIHx8IChoZWFkZXI9IlNlcnZlcjogQXBhY2hlIiAmJiBoZWFkZXI9IldpbjY0IiAmJiBoZWFkZXI9IlBIUC8iKQ%3D%3D)|
| **Number of assets affected** | 7631 |
| **Description** |PHP is a scripting language executed on the server side. There was a command execution vulnerability before version 8.3.8 of PHP. Due to the "Best-Fit Mapping" feature of Windows, non-ASCII characters may be incorrectly mapped to dash (-) when processing query strings, resulting in command line parameter parsing errors. When php_cgi runs on the Windows platform and the code page is in traditional Chinese, simplified Chinese or Japanese, the attacker can inject malicious parameters through a specific query string to execute arbitrary code.|
| **Impact** | The attacker can inject malicious parameters through a specific query string to execute arbitrary code to take over the server.|
![](https://s3.bmp.ovh/imgs/2024/06/12/f9b2da5202c78411.gif)
## CheckPoint Gateway /clients/MyCRL File Reading Vulnerability(CVE-2024-24919) ## CheckPoint Gateway /clients/MyCRL File Reading Vulnerability(CVE-2024-24919)