module
BoidCMS Command Injection
| Disclosed |
|---|
| Jul 13, 2023 |
Disclosed
Jul 13, 2023
Description
This module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS version 2.0.0
and below. BoidCMS allows the authenticated upload of a php file as media if the file has
the GIF header, even if the file is a php file.
and below. BoidCMS allows the authenticated upload of a php file as media if the file has
the GIF header, even if the file is a php file.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.