漏洞描述
CuppaCMS 在 2019-11-12之前的文件管理器选项允许经过身份验证的攻击者在图像扩展名中上传恶意文件,并通过使用文件管理器提供的重命名功能的自定义请求能够将图像扩展名修改为PHP,从而导致远程任意代码执行。
Cuppa存在任意文件读取漏洞(CVE-2022-25485)
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-24264: Cuppa CMS v1.0 - SQL injection
- POC CVE-2022-24265: Cuppa CMS v1.0 - SQL injection
- POC CVE-2022-24266: Cuppa CMS v1.0 - SQL injection
- POC CVE-2022-25485: Cuppa CMS v1.0 - Local File Inclusion
- POC CVE-2022-25486: Cuppa CMS v1.0 - Local File Inclusion
- POC CVE-2022-25497: Cuppa CMS v1.0 - Local File Inclusion
- POC CVE-2022-27984: Cuppa CMS v1.0 - SQL injection
- POC CVE-2022-27985: Cuppa CMS v1.0 - SQL injection
- POC CVE-2022-34121: CuppaCMS v1.0 - Local File Inclusion
- POC CVE-2022-37190: Cuppa CMS v1.0 - Remote Code Execution
- POC CVE-2022-37191: Cuppa CMS v1.0 - Authenticated Local File Inclusion
- POC CVE-2022-38295: Cuppa CMS v1.0 - Cross Site Scripting
- POC CVE-2022-38296: Cuppa CMS v1.0 - Arbitrary File Upload