exploitDog

CVE-2018-9247

Опубликовано: 04 апр. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a <?php substring, and then using INTO OUTFILE with a .php filename.

Ссылки

http://www.atksec.com/cve/GxlcmsQY-v1.0.0713-getshell/index.html
Exploit
Third Party Advisory
http://www.atksec.com/cve/GxlcmsQY-v1.0.0713-getshell/index.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gxlcms:gxlcms_qy:1.0.0713:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00944

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-6www-8c8h-xx3m

CVSS3: 9.8

github

больше 3 лет назад

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a <?php substring, and then using INTO OUTFILE with a .php filename.

EPSS

Процентиль: 76%

0.00944

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89