CVE-2020-24949 PoC — PHP-Fusion 安全漏洞

Source

https://github.com/r90tpass/CVE-2020-24949

Associated Vulnerability

Title:PHP-Fusion 安全漏洞 (CVE-2020-24949)
Description:PHP是PHPGroup和开放源代码社区的共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发，支持多种数据库及操作系统。PHP-Fusion是马来西亚PHP-Fusion公司的一套基于MySql和PHP的开源轻量级内容管理系统。该系统包含新闻、文章和论坛等模块。 PHP-Fusion 9.03.50版本downloads / downloads.php中存在安全漏洞，该漏洞允许攻击者将特制请求发送到服务器并远程命令执行。

Description

PHPFusion 9.03.50 - Remote Code Execution

File Snapshot


 [4.0K]  /data/pocs/8bb847dbd7ed1432a09f13bfd2a3031ec3cfb540
└── [1.8K]  exp.py

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!