Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-35649 PoC — Moodle 输入验证错误漏洞

Source
https://github.com/antoinenguyen-09/CVE-2022-35649
Associated Vulnerability
Title:Moodle 输入验证错误漏洞 (CVE-2022-35649)
Description:Moodle是一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 存在输入验证错误漏洞,该漏洞源于输入验证不当,远程攻击者利用该漏洞可以向应用程序传递特殊设计的数据,并执行任意代码。
Description
Payload Generator and Detailed Analysis about CVE-2022-35649
Readme
# CVE-2022-35649

### Payload Generator (using Python 2) and Detailed Analysis for [CVE-2022-35649](https://nvd.nist.gov/vuln/detail/CVE-2022-35649)

### The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04).

### This project is created only for educational purposes and cannot be used for law violation or personal gain.

### The author of this project is not responsible for any possible harm caused by the materials of this project.

### Read detailed analysis [here](https://antoinenguyen-09.hashnode.dev/cve-2022-35649-1-click-rce-in-moodle-v401).
File Snapshot

 [4.0K]  /data/pocs/8adf9e4141747489756a2b5199b16d1e1c3c60c6
├── [ 509]  payload_gen.py
└── [ 736]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.