CVE-2018-14729 PoC — Discuz! 输入验证错误漏洞

Source

https://github.com/c0010/CVE-2018-14729

Associated Vulnerability

Title:Discuz! 输入验证错误漏洞 (CVE-2018-14729)
Description:康盛新创科技 Discuz!是中国康盛新创科技公司的一套基于PHP和MySQL的社区论坛系统。 Discuz! 2.5版本和3.4版本中的upload/source/admincp/admincp_db.php文件的数据库备份功能存在安全漏洞。远程攻击者可利用该漏洞执行任意的PHP代码。

Description

Discuz backend getshell

Readme

# CVE-2018-14729

File Snapshot


 [4.0K]  /data/pocs/9e5a9dce488620e6e57b5aa41b2583615fb873f3
├── [2.0K]  Discuz_backend_getshell.md
├── [693K]  Discuz_backend_getshell.pdf
└── [  16]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!