cve/CVE-2015-6567.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

876 B

Raw Permalink Blame History

CVE-2015-6567

Description

Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality.

POC

Reference

http://www.websecgeeks.com/2015/08/wolf-cms-arbitrary-file-upload-to.html
https://www.exploit-db.com/exploits/38000/
https://www.exploit-db.com/exploits/40004/

Github

https://github.com/ARPSyndicate/cvemon

876 B Raw Permalink Blame History

CVE-2015-6567

Description

POC

Reference

Github

876 B

Raw Permalink Blame History