CVEs-PoC/2018/CVE-2018-7700.md at e75b4ae9b8f2bb870dd67fc20d60fe11882b0f8d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

1.0 KiB

Raw Blame History

CVE-2018-7700

Description

DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.

POC

Reference

https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/

Github

https://github.com/0ps/pocassistdb
https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/Elsfa7-110/kenzer-templates
https://github.com/SexyBeast233/SecBooks
https://github.com/chriskaliX/PHP-code-audit
https://github.com/jweny/pocassistdb
https://github.com/zhibx/fscan-Intranet

1.0 KiB Raw Blame History

CVE-2018-7700

Description

POC

Reference

Github

1.0 KiB

Raw Blame History