CVE-2018-8770 PoC — Western Bridge Cobub Razor 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-8770.yaml

Associated Vulnerability

Title:Western Bridge Cobub Razor 安全漏洞 (CVE-2018-8770)
Description:Western Bridge Cobub Razor是一套开源的移动应用程序分析系统。该系统能够为用户提供详细的多维度报告并监控其移动应用和应用程序用户行为的统计数据。 Western Bridge Cobub Razor 0.8.0版本中存在安全漏洞。攻击者可借助tests/中的多个文件利用该漏洞获取物理路径。（多个文件包括：generate.php，controllers/getConfigTest.php，controllers/getUpdateTest.php，controllers/postc

Description

Cobub Razor 0.8.0 is susceptible to information disclosure via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations.

File Snapshot


 id: CVE-2018-8770

info:
  name: Cobub Razor 0.8.0 - Information Disclosure
  author: princechaddha


...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!