Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%

CVE-2012-1495 PoC — WebCalendar多个输入验证错误漏洞

Source
Associated Vulnerability
Title:WebCalendar多个输入验证错误漏洞 (CVE-2012-1495)
Description:WebCalendar是一个基于Web的日历应用软件。 WebCalendar中存在多个输入验证漏洞,这些漏洞源于对用户提供的输入未经正确过滤。攻击者可利用这些漏洞在受影响应用程序上下文中注入任意PHP代码,包含并执行来自受影响系统的任意文件,也可能执行其他的攻击。WebCalendar 1.2.4版本中存在这些漏洞,其他版本也可能受到影响。
Readme
# CVE-2012-1495-Webcalendar-
Prerequis : MAchine Kali linux ou Parrot Os 
1- Cloner le repository 

2- extraire l'archive "webcalendar"

3- Creer le container docker et le lancer à l'aide des commandes :

docker build -t webcalendar .
docker run -d -p 80:80 webcalendar

4- Sur votre machine kali, lancez metasploit et cherchez l'exploit puis le lancer.(se referer au rapport )
File Snapshot

[4.0K] /data/pocs/db75eb6d4db093088eb3c021189c5c7de253a4a0 ├── [ 429] Dockerfile ├── [ 379] README.md ├── [634K] WebCalendar_Report.pdf └── [1.6M] webcalendar.zip 0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.