CVE-2023-29689 PoC — PyroCMS 安全漏洞

Source

https://github.com/YSaxon/pyrocms-ssti-fix

Associated Vulnerability

Title:PyroCMS 安全漏洞 (CVE-2023-29689)
Description:PyroCMS是个人开发者的一个使用CodeIgniter框架开发的轻量级开源内容管理系统。 PyroCMS 3.9版本存在安全漏洞，该漏洞源于存在远程代码执行(RCE)漏洞。攻击者可利用该漏洞向服务器发送自定义命令并执行任意代码。

Description

A drop-in fix for CVE-2023-29689 - SSTI in PyroCMS, via a custom Twig Sandbox implementation

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!