Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-16131 PoC — 锟铻科技 OKLite 代码问题漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/OKLite%201.2.25%20%E5%90%8E%E5%8F%B0%E6%A8%A1%E5%9D%97%E5%AF%BC%E5%85%A5%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%20CVE-2019-16131.md
Associated Vulnerability
Title:锟铻科技 OKLite 代码问题漏洞 (CVE-2019-16131)
Description:锟铻科技 OKLite是中国锟铻科技公司的一套基于PHP的企业建站内容管理系统(CMS)。 锟铻科技 OKLite v1.2.25版本中的framework/admin/modulec_control.php文件存在代码问题漏洞,该漏洞源于ZIP归档文件的.php文件可以写入到/data/cache/。攻击者可利用该漏洞上传任意文件。
File Snapshot

 # OKLite 1.2.25 后台模块导入 任意文件上传 CVE-2019-16131

## 漏洞描述

OKLite v1.2.25 后台模块导入过滤不完善导致可以上传恶意木马文件

## 漏洞

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.