admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

add: CVE-2022-26352

Browse Source
This commit is contained in:
gaopeng2 2022-05-07 11:09:38 +08:00
parent 2d9b3a80f4
commit e7dc082f34
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
DotCMS/CVE-2022-26352/README.md Normal file
View File

@ -0,0 +1,10 @@
# dotCMS content Arbitrary File Upload (CVE-2022-26352)
Dotcms dotCMS is a set of content management system (CMS) of American dotCMS (Dotcms) company. The system supports RSS feeds, blogs, forums and other modules, and is easy to expand and build.There is an arbitrary file upload vulnerability in the /api/content/ path of the DotCMS management system, and attackers can upload malicious Trojans to obtain server permissions.
FOFA **query rule**: [body="DotCMS"](https://fofa.info/result?qbase64=Ym9keT0iRG90Q01TIg%3D%3D)
# Demo
![dotCMS_content_Arbitrary_File_Upload](dotCMS_content_Arbitrary_File_Upload.gif)

BIN
DotCMS/CVE-2022-26352/dotCMS_content_Arbitrary_File_Upload.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 939 KiB