mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 21:39:29 +02:00
marc
1.1 KiB
1.1 KiB
CVE-2020-35729
Description
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
POC
Reference
- http://packetstormsecurity.com/files/160798/Klog-Server-2.4.1-Command-Injection.html
- http://packetstormsecurity.com/files/161123/Klog-Server-2.4.1-Command-Injection.html
- http://packetstormsecurity.com/files/161410/Klog-Server-2.4.1-Command-Injection.html
Github
- https://github.com/20142995/Goby
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Al1ex/CVE-2020-35729
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/HimmelAward/Goby_POC
- https://github.com/Z0fhack/Goby_POC
- https://github.com/nomi-sec/PoC-in-GitHub