CVE-2022-25486 PoC — CuppaCMS 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-25486.yaml

Associated Vulnerability

Title:CuppaCMS 安全漏洞 (CVE-2022-25486)
Description:CuppaCMS是一套内容管理系统（CMS）。 CuppaCMS 1.0版本存在安全漏洞，该漏洞源于通过 /alerts/alertConfigField.php 中的 url 参数发现CuppaCMS 1.0版本包含本地的文件。

Description

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.

File Snapshot


 id: CVE-2022-25486

info:
  name: Cuppa CMS v1.0 - Local File Inclusion
  author: theamanrawat
  sev

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!