mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-21 17:40:09 +00:00
706 B
706 B
CVE-2019-9623
Description
Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php.
POC
Reference
- https://pentest.com.tr/exploits/Feng-Office-3-7-0-5-Unauthenticated-Remote-Command-Execution-Metasploit.html
- https://www.exploit-db.com/exploits/46471
Github
No PoCs found on GitHub currently.