CVE-2018-5955

Related Files

GitStack Unauthenticated REST API Requests

Posted Aug 31, 2024

Authored by Kacper Szurek, Jacob Robles | Site metasploit.com

This Metasploit modules exploits unauthenticated REST API requests in GitStack through v2.3.10. The module supports requests for listing users of the application and listing available repositories. Additionally, the module can create a user and add the user to the applications repositories. This Metasploit module has been tested against GitStack v2.3.10.

tags | exploit

advisories | CVE-2018-5955

SHA-256 | 9c42f5f230d90c174810268b0beac5ce6dae1160eced3fca962ef937bce0e330

Download | Favorite | View

GitStack 2.3.10 Unsanitized Argument Remote Code Execution

Posted Mar 29, 2018

Authored by Kacper Szurek, Jacob Robles | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability that exists in GitStack versions through 2.3.10, caused by an unsanitized argument being passed to an exec function call. This Metasploit module has been tested on GitStack version 2.3.10.

tags | exploit, remote, code execution

advisories | CVE-2018-5955

SHA-256 | cab234e294c5341ce9967a663c67c38cbd0d00a9c7657d94c2711d9cf5ea275f

Download | Favorite | View