Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-2420 PoC — Super Site Searcher远程可执行任意命令漏洞

Source
https://github.com/krdsploit/CVE-2002-2420
Associated Vulnerability
Title:Super Site Searcher远程可执行任意命令漏洞 (CVE-2002-2420)
Description:Super Site Searcher是一款基于Web的搜索引擎系统。 Super Site Searcher没有正确过滤用户提交的输入,远程攻击者可以利用这个漏洞以WEB权限在系统上执行任意命令。 Super Site Searcher中的site_searcher.cgi脚本没有充分过滤用户提交给查询参数的转义字符,通过提交包含如"|"SHELL转义字符的任意命令,可导致命令直接传递给SHELL以Web权限执行。
Description
The New Exploit there no available on metasploit framework !
Readme
# CVE-2002-2420
The New Exploit there no available on metasploit framework !
File Snapshot

 [4.0K]  /data/pocs/15e5f9a602c2433df6b63498eb52b3951ad92a87
├── [1.7K]  PHP_RCE.rb
└── [  77]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.