CVE-2011-10013
Traq 2.0–2.3 admincp/common.php RCE
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Traq Project · Issue Tracking Systempublic PoCs found — 3
cve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/traq_plugin_exec.rbunverifiedcve_referencewww.exploit-db.com/exploits/18213unverifiedcve_referencewww.exploit-db.com/exploits/18239unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/nirix/traq/releases/tag/v2.3.1https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/traq_plugin_exec.rbhttps://web.archive.org/web/20110729003039/https://traqproject.org/https://www.exploit-db.com/exploits/18213https://www.exploit-db.com/exploits/18239https://www.vulncheck.com/advisories/traq-issue-tracking-system-rce