CVE-2019-12744 PoC — SeedDMS 代码问题漏洞

Source

https://github.com/nobodyatall648/CVE-2019-12744

Associated Vulnerability

Title:SeedDMS 代码问题漏洞 (CVE-2019-12744)
Description:SeedDMS（前称LetoDMS和MyDMS）是一套基于PHP和MySql的开源文档管理系统。该系统主要用于存储和共享文档。 SeedDMS 5.1.11之前版本中存在代码问题漏洞，该漏洞源于程序没有验证文件的上传。远程攻击者可利用该漏洞执行代码。

Description

Remote Command Execution through Unvalidated File Upload in SeedDMS versions <5.1.11

Readme

# CVE-2019-12744
 
## Information
Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions < 5.1.11 <br>
CVE: CVE-2019-12744 <br>

Vendor Homepage: https://www.seeddms.org/index.php?id=2 <br>
Exploit Author: NobodyAtall <br>
Tested version: Seeddms 5.1.10, 5.0.11 <br>
Tested OS: Windows 7 x64

## Medium Article
https://bryanleong98.medium.com/cve-2019-12744-remote-command-execution-through-unvalidated-file-upload-in-seeddms-versions-5-1-1-5c32d90fda28

## PoC Images
![](pocImg/1.png)

![](pocImg/2.png)

## Help Menu
```
usage: CVE-2019-12744.py [-h] -u USERNAME -p PASSWORD --url URL

optional arguments:
  -h, --help            show this help message and exit
  -u USERNAME, --username USERNAME
                        login username
  -p PASSWORD, --password PASSWORD
                        login password
  --url URL             target URL Path
```

File Snapshot


 [4.0K]  /data/pocs/9c7677036340a9844c8a015b9d8e66fe6f116ec0
├── [8.2K]  CVE-2019-12744.py
├── [ 162]  phpCmdInjection.php
├── [4.0K]  pocImg
│   ├── [ 57K]  1.png
│   └── [ 91K]  2.png
└── [ 895]  README.md

1 directory, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!