| 제목 | FoxCMS <=1.2 Config injection |
|---|
| 설명 | FoxCMS versions ≤1.2 have a critical remote code execution (RCE) vulnerability in the /install/installdb.php file. An attacker can exploit this vulnerability by injecting malicious code into the database password field, which gets written to the configuration file and subsequently executed. This allows the attacker to gain remote code execution on the server. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/iDCwOv9vfDTI |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2024. 12. 22. AM 11:37 (1 년도 ago) |
|---|
| 모더레이션 | 2024. 12. 22. PM 05:47 (6 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 289170 [FoxCMS 까지 1.2 Configuration File /install/installdb.php database password 권한 상승] |
|---|
| 포인트들 | 18 |
|---|