CVE-2012-2688 PoC — PHP ‘ _php_stream_scandir’函数未明安全漏洞

Source

https://github.com/shelld3v/CVE-2012-2688

Associated Vulnerability

Title:PHP ‘ _php_stream_scandir’函数未明安全漏洞 (CVE-2012-2688)
Description:PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发，支持多种数据库及操作系统。 PHP 5.3.15之前版本和5.4.5之前的5.4.x版本中的流实现中的_php_stream_scandir函数中存在未明漏洞。远程攻击者可利用该漏洞产生未知影响以及与‘溢出’相关的远程攻击向量。

Description

A CVE-2012-2688 shell

File Snapshot


 [4.0K]  /data/pocs/0034891473d36791b6ad281dc7c978423b931583
└── [1.8K]  sh.py

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!