CVE-2018-16763 PoC — FUEL CMS 注入漏洞

Source

https://github.com/kaxm23/exploit_cms_fuel

Associated Vulnerability

Title:FUEL CMS 注入漏洞 (CVE-2018-16763)
Description:FUEL CMS是一款基于Codelgniter框架的内容管理系统（CMS）。 FUEL CMS 1.4.1版本中的pages/select/页面的‘filter’参数和preview/页面的‘data’参数存在注入漏洞。该漏洞源于用户输入构造命令、数据结构或记录的操作过程中，网络系统或产品缺乏对用户输入数据的正确验证，未过滤或未正确过滤掉其中的特殊元素，导致系统或产品产生解析或解释方式错误。

Description

Python3 exploit for Fuel CMS 1.4.1 Remote Code Execution (CVE-2018-16763) with Reverse Shell.

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!