CVEs-PoC/2018/CVE-2018-11413.md at dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 06:06:44 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in BearAdmin 0.5. Remote attackers can download arbitrary files via /admin/databack/download.html?name= directory traversal sequences, as demonstrated by name=../application/database.php to read the MySQL credentials in the configuration.

POC

Reference

https://github.com/yupoxiong/BearAdmin/issues/5

Github

No PoCs found on GitHub currently.

732 B Raw Blame History

CVE-2018-11413

Description

POC

Reference

Github

732 B

Raw Blame History