Skip to content

0x00-0x00/CVE-2018-10517

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.gitattributes
.gitattributes
 
 
CMS-MadeSimple-RCE.ps1
CMS-MadeSimple-RCE.ps1
 
 
README.md
README.md
 
 
example.JPG
example.JPG
 
 

Repository files navigation

CVE-2018-12613

Authenticated remote command execution by uploading a fake module, dropping PHP files on remote web server.

Software Affected

  1. CMS Made Simple 2.2.7;

How to use

This PowerShell scripts need two parameters to craft a exploit HTTP request:

1. CMS Made Simple URL endpoint;
2. Cookies for unauthenticated user;
2. A command string to be executed in the remote system shell;

Example

Prepare all the parameters to use the script:

Screenshot

Then command is executed.

Code author: @_zc00l

About

CMS Made Simple 2.2.7 RCE exploit

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages