Invia #467658: FoxCMS <=1.2 Config injectioninformazioni

TitoloFoxCMS <=1.2 Config injection
DescrizioneFoxCMS versions ≤1.2 have a critical remote code execution (RCE) vulnerability in the /install/installdb.php file. An attacker can exploit this vulnerability by injecting malicious code into the database password field, which gets written to the configuration file and subsequently executed. This allows the attacker to gain remote code execution on the server.
Fonte⚠️ https://note.zhaoj.in/share/iDCwOv9vfDTI
Utente
 glzjin (UID 59815)
Sottomissione22/12/2024 11:37 (1 Anno fa)
Moderazione22/12/2024 17:47 (6 hours later)
StatoAccettato
Voce VulDB289170 [FoxCMS fino a 1.2 Configuration File /install/installdb.php database password escalationi di privilegi]
Punti18

PrecedenteVisione D'ensembleIl prossimo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!