CVE-2018-1513

Related Files

OpenEMR 5.0.1.3 Shell Upload

Posted Jul 13, 2021

Authored by Alexandre Zanni

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.

tags | exploit, remote, shell

advisories | CVE-2018-15139

SHA-256 | c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701

Download | Favorite | View

OpenEMR 5.0.1.3 Shell Upload

Posted Jun 14, 2021

Authored by Ron Jost

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit.

tags | exploit, remote, shell

advisories | CVE-2018-15139

SHA-256 | 1c976d82d20d572267256bdb0e89f3da86fd7a4937ea55c99df13535b3d1abf2

Download | Favorite | View

PHP Laravel Framework Token Unserialize Remote Command Execution

Posted Jul 15, 2019

Authored by aushack, Stale Pettersen | Site metasploit.com

This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

tags | exploit, remote, web, php, vulnerability

advisories | CVE-2017-16894, CVE-2018-15133

SHA-256 | 89a708ff133e6615ee3040a41d60178a5e2e6c21344ec723424eb420b1cc5b8c

Download | Favorite | View

IBM Sterling B2B Integrator 5.2.0.1 / 5.2.6.3 Cross Site Scripting

Posted Aug 13, 2018

Authored by Vikas Khanna

IBM Sterling B2B Integrator versions 5.2.0.1 5.2.6.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-1513, CVE-2018-1563

SHA-256 | 2373691d9a25fade76fc8842f910a8fe4636f929f8a58f8b0c4882cffd89dd17

Download | Favorite | View