mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
3.2 KiB
3.2 KiB
CVE-2019-0193
Description
In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.
POC
Reference
No PoCs from references.
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0xT11/CVE-POC
- https://github.com/1135/notes
- https://github.com/1135/solr_exploit
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ArrestX/--POC
- https://github.com/Awrrays/FrameVul
- https://github.com/Imanfeng/Apache-Solr-RCE
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Loneyers/solr-rce
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Nishacid/Easy_RCE_Scanner
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/ZTK-009/RedTeamer
- https://github.com/amcai/myscan
- https://github.com/apachecn-archive/Middleware-Vulnerability-detection
- https://github.com/assetnote/blind-ssrf-chains
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/fengwenhua/CNVD-2021-26058
- https://github.com/flyarong/pwnserver
- https://github.com/freeFV/ApacheSolrRCE
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/bug-bounty
- https://github.com/huimzjty/vulwiki
- https://github.com/jas502n/CVE-2019-0193
- https://github.com/jaychouzzk/CVE-2019-0193-exp
- https://github.com/lnick2023/nicenice
- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/RedTeamer
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/scxiaotan1/Docker
- https://github.com/tdcoming/Vulnerability-engine
- https://github.com/tdtc7/qps
- https://github.com/trganda/dockerv
- https://github.com/veracode-research/solr-injection
- https://github.com/woods-sega/woodswiki
- https://github.com/xConsoIe/CVE-2019-0193
- https://github.com/xbl3/awesome-cve-poc_qazbnm456