admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 09:50:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CyberPanel upgrademysqlstatus Command Execution Vulnerability.md

Browse Source
This commit is contained in:
Goby 2024-10-29 15:13:58 +08:00 committed by GitHub
parent a070ffa1c4
commit cf26b15dbf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CyberPanel upgrademysqlstatus Command Execution Vulnerability.md Normal file
View File

@ -0,0 +1,14 @@
**Updated document date: October 29, 2024**
## CyberPanel /dataBases/upgrademysqlstatus Command Execution Vulnerability
| **Vulnerability** | GCyberPanel /dataBases/upgrademysqlstatus Command Execution Vulnerability|
| :----: | :-----|
| **Chinese name** | CyberPanel /dataBases/upgrademysqlstatus 命令执行漏洞 |
| **CVSS core** | 9.80 |
| **FOFA Query** (click to view the results directly)| [app="GCyberPanel"]
| **Number of assets affected** | 199,633 |
| **Description** |CyberPanel is an open source web control panel that provides a user-friendly interface for managing websites,emails, databases, FTP accounts, etc. |
| **Impact** | CyberPanel is designed to simplify website management tasks, allowing non-technical users to easily manage their online resources. The /dataBases/upgrademysqlstatus interface has a command execution vulnerability. Unauthorized attackers can execute arbitrary commands through this interface to obtain server permissions, resulting in serious consequences such as data leakage and server takeover.
| **Affected versions** |2.3.6
![](https://s3.bmp.ovh/imgs/2024/10/29/055e7294b806f1cc.gif)