exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

CVE-2023-38836

Status Candidate

Overview

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.

Related Files

BoidCMS 2.0.0 Command Injection: Posted Mar 1, 2024; Authored by bwatters-r7, 1337kid | Site metasploit.com; This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file.; tags | exploit, php; advisories | CVE-2023-38836; SHA-256 | 4be34ec34fdd2c459e03d46cbe61a319a411480ce0b82004ab5d83d8fcc669d1; Download | Favorite | View

BoidCMS 2.0.0 Shell Upload: Posted Oct 10, 2023; Authored by 1337kid; BoidCMS versions 2.0.0 and below suffer from a remote shell upload vulnerability.; tags | exploit, remote, shell; advisories | CVE-2023-38836; SHA-256 | a68ec76429430287b0271ea1becbf584591cf6f1bf778b41a1cfebd601dc71d3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec