CVEs-PoC/2018/CVE-2018-7032.md at 183d1f8677d424ca51cab102bc615f8bcebb511d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-14 11:02:11 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.

POC

Reference

https://bugs.debian.org/840014
https://bugs.debian.org/840014

Github

No PoCs found on GitHub currently.

763 B Raw Blame History

CVE-2018-7032

Description

POC

Reference

Github

763 B

Raw Blame History