Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-43258 PoC — ChurchInfo 代码问题漏洞

Source
https://github.com/MRvirusIR/CVE-2021-43258
Associated Vulnerability
Title:ChurchInfo 代码问题漏洞 (CVE-2021-43258)
Description:ChurchInfo是ChurchInfo团队的一个免费的教会数据库程序,可帮助教会跟踪成员、家庭、团体、认捐和付款。 ChurchInfo 1.2.13版本至1.3.0版本存在安全漏洞。攻击者利用该漏洞通过上传PHP附件,然后浏览到web服务器上上传PHP文件的位置,从而执行任意代码。
Description
ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit
Readme
# CVE-2021-43258

ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit

| Full title  |                                                                                                                                                                                                                       ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit                                                                                                                                                                                                                        |
| ----------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |
| Date add    |                                                                                                                                                                                                                                             21-11-2022                                                                                                                                                                                                                                             |
| Category    |                                                                                                                                                                                                                                          remote exploits                                                                                                                                                                                                                                           |
| Platform    |                                                                                                                                                                                                                                                php                                                                                                                                                                                                                                                 |
| Risk        |                                                                                                                                                                                                                                      [Security RiskCritical]                                                                                                                                                                                                                                       |
| Description | This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a draft email, the attachment will be placed in the /tmp_attach/ folder of the ChurchInfo web server, which is accessible over the web by any user. By uploading a PHP attachment and then browsing to the location of the uploaded PHP file on the web server, arbitrary code execution as the web daemon user (e.g. www-data) can be achieved. |
| CVE         |                                                                                                                                                                                                                                           CVE-2021-43258                                                                                                                                                                                                                                           |
File Snapshot

 [4.0K]  /data/pocs/dda56e05cb4a8ddca302b4896ca2891617088b12
├── [4.0K]  README.md
└── [ 11K]  RemoteCode.php

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.