CVEs-PoC/2012/CVE-2012-4253.md at 0bed567352b8a47e7e31dcdefcf24ce4ac5ee938

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

Description

Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.

POC

Reference

http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html

Github

https://github.com/ARPSyndicate/kenzer-templates
https://github.com/gnarkill78/CSA_S2_2024

940 B Raw Blame History

CVE-2012-4253

Description

POC

Reference

Github

940 B

Raw Blame History