Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-32409 PoC — i3geo 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-32409.yaml
Associated Vulnerability
Title:i3geo 路径遍历漏洞 (CVE-2022-32409)
Description:i3geo是saladesituacao开源的一个用于开发交互式网络地图的应用程序。 i3geo v7.0.5 版本存在路径遍历漏洞,该漏洞源于 codemirror.php 组件中的本地文件包含 (LFI) 漏洞允许攻击者通过精心设计的 HTTP 请求执行任意 PHP 代码。
Description
Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request.
File Snapshot

 id: CVE-2022-32409

info:
  name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inc

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.