mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
1.6 KiB
1.6 KiB
CVE-2018-20062
Description
An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.
POC
Reference
- http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html
- https://github.com/nangge/noneCms/issues/21
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/NS-Sp4ce/thinkphp5.XRce
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Yang8miao/prov_navigator
- https://github.com/adminlove520/SEC-GPT
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/hwiwonl/dayone
- https://github.com/petitfleur/prov_navigator
- https://github.com/provnavigator/prov_navigator
- https://github.com/sechelper/awesome-chatgpt-prompts-cybersecurity
- https://github.com/veo/vscan
- https://github.com/yilin1203/CVE-2018-20062
- https://github.com/ziminl/serverlog230602