Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-46818
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ISPConfig 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ISPConfig是一套基于Linux的开源主机控制面板,它可通过Web控制面板管理多台服务器、开设网站、监控服务器运行状况等。 ISPConfig 3.2.11p1 之前版本存在安全漏洞,该漏洞源于如果启用了 admin_allow_langedit,管理员可以在语言文件编辑器中实现 PHP 代码注入。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2023-46818
#POC DescriptionSource LinkShenlong Link
1CVE-2023-46818 IPSConfig Python exploithttps://github.com/bipbopbup/CVE-2023-46818-python-exploitPOC Details
2An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-46818.yamlPOC Details
3This is my own exploit for CVE-2023-46818 happy hacking!https://github.com/blindma1den/CVE-2023-46818-ExploitPOC Details
4CVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerabilityhttps://github.com/ajdumanhug/CVE-2023-46818POC Details
5CVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE)https://github.com/ajdumanhug/CVE-2022-42092POC Details
6CVE-2023-46818 - ISPConfig PHP Code Injection PoC Exploit (Bash)https://github.com/rvizx/CVE-2023-46818POC Details
7Nonehttps://github.com/engranaabubakar/CVE-2023-46818POC Details
8An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.https://github.com/hunntr/CVE-2023-46818POC Details
9Metasploit Moduleshttps://github.com/SyFi/CVE-2023-46818POC Details
10Python PoC for CVE-2023-46818https://github.com/vulnerk0/CVE-2023-46818POC Details
11CVE-2023-46818 | PoC | ISPConfig 3.2.11p1https://github.com/zs1n/CVE-2023-46818POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2023-46818
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2023-46818

No comments yet

Leave a comment