Skip to content
/ CVE-2019-16113-PoC Public

Bludit >= 3.9.2 - Authenticated RCE (CVE-2019-16113)

4 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hg8/CVE-2019-16113-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
CVE-2019-16113.py
CVE-2019-16113.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2019-16113 PoC

Bludit >= 3.9.2 Remote Code Execution Vulnerability via "Upload function".

Simple Python PoC.

Discovery by @christasa: bludit/bludit#1081

Usage

Edit the script with your URL, username, password and command to execute then run the script:

$ python CVE-2019-16113.py
[+] Loggin successful.
[+] Token CSRF: 20b903ffe72490f004b9255521ea2e0419e73dce
[+] Shell upload succesful.
[+] .htaccess upload succesful.
[+] Command execution successful.

Requirements

  • Python 3
  • requests (pip install requests)

About

Bludit >= 3.9.2 - Authenticated RCE (CVE-2019-16113)

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages