CVE-2019-16113

EPSS 78.0%

Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.

Produtos afetados

n/a · n/a

PoCs públicas encontradas — 15

githubgithub.com/cybervaca/CVE-2019-16113★ 13 githubgithub.com/hg8/CVE-2019-16113-PoC★ 5 githubgithub.com/ynots0ups/CVE-2019-16113★ 5 githubgithub.com/mind2hex/CVE-2019-16113-Bludit-3.9.2-RCE★ 1 githubgithub.com/DXY0411/CVE-2019-16113★ 0 githubgithub.com/m4rm0k/CVE-2019-16113★ 0 githubgithub.com/tronghoang89/cve-2019-16113★ 0 githubgithub.com/Kenun99/CVE-2019-16113-Dockerfile★ 0 githubgithub.com/dldygnl/CVE-2019-16113★ 0 exploitdbwww.exploit-db.com/exploits/48568não verificado cve_referencepacketstormsecurity.com/files/157988/Bludit-3.9.12-Directory-Traversal.htmlnão verificado cve_referencepacketstormsecurity.com/files/158569/Bludit-3.9.2-Directory-Traversal.htmlnão verificado exploitdbwww.exploit-db.com/exploits/48701não verificado exploitdbwww.exploit-db.com/exploits/47699não verificado cve_referencepacketstormsecurity.com/files/155295/Bludit-Directory-Traversal-Image-File-Upload.htmlnão verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/155295/Bludit-Directory-Traversal-Image-File-Upload.html http://packetstormsecurity.com/files/157988/Bludit-3.9.12-Directory-Traversal.html http://packetstormsecurity.com/files/158569/Bludit-3.9.2-Directory-Traversal.html https://github.com/bludit/bludit/issues/1081