exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

CVE-2023-38836

Status Candidate

Overview

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.

Related Files

BoidCMS 2.0.0 Command Injection: Posted Mar 1, 2024; Authored by bwatters-r7, 1337kid | Site metasploit.com; This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file.; tags | exploit, php; advisories | CVE-2023-38836; SHA-256 | 4be34ec34fdd2c459e03d46cbe61a319a411480ce0b82004ab5d83d8fcc669d1; Download | Favorite | View

BoidCMS 2.0.0 Shell Upload: Posted Oct 10, 2023; Authored by 1337kid; BoidCMS versions 2.0.0 and below suffer from a remote shell upload vulnerability.; tags | exploit, remote, shell; advisories | CVE-2023-38836; SHA-256 | a68ec76429430287b0271ea1becbf584591cf6f1bf778b41a1cfebd601dc71d3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
Ubuntu 88 files
indoushka 67 files
Jasper Nota 25 files
Willem Westerhof 19 files
Gentoo 18 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,093)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,665)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,730)
UNIX (9,433)
UnixWare (187)
Windows (6,671)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec