cve/CVE-2024-24572.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

1.3 KiB

Raw Permalink Blame History

CVE-2024-24572

Description

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $_REQUEST global array was unsafely called inside an extract() function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $_SESSION via the GET/POST parameters. However, it does not prevent manipulation of any other sensitive variables such as $search_sql. Knowing this, an authenticated user with privileges to view site logs can manipulate the search_sqlvariable by appending a GET parameter search_sql in the URL. The information above means that the checks and SQL injection prevention attempts were rendered unusable.

POC

Reference

https://github.com/WillyXJ/facileManager/security/advisories/GHSA-xw34-8pj6-75gc

Github

No PoCs found on GitHub currently.

1.3 KiB Raw Permalink Blame History

CVE-2024-24572

Description

POC

Reference

Github

1.3 KiB

Raw Permalink Blame History