Exploit 1 of 2: # Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11670 An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect. poc: csrftest
a
References: http://www.iwantacve.cn/index.php/archives/38/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11670 https://github.com/GreenCMS/GreenCMS/issues/108 ---------------- Exploit 2 of 2: # Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability add admin # Date: 2018-06-02 # Exploit Author: xichao # Vendor Homepage: https://github.com/GreenCMS/GreenCMS # Software Link: https://github.com/GreenCMS/GreenCMS # Version: v2.3.0603 # CVE : CVE-2018-11671 An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle. poc: csrftest aa aaaa
aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaa
References: http://www.iwantacve.cn/index.php/archives/39/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11671 https://github.com/GreenCMS/GreenCMS/issues/109