Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-7251 PoC — Anchor 信息泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-7251.yaml
Associated Vulnerability
Title:Anchor 信息泄露漏洞 (CVE-2018-7251)
Description:Anchor是一套开源的轻博客系统。该系统支持Markdown编辑器、自定义字段和多种语言等。 Anchor 0.12.3版本中的config/error.php文件存在信息泄露漏洞。攻击者可借助错误日志利用该漏洞获取数据库凭证。
Description
Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue  in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
File Snapshot

 id: CVE-2018-7251

info:
  name: Anchor CMS 0.12.3 - Error Log Exposure
  author: pdteam
  severity:

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.