Vulnerability Details : CVE-2018-19422

/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Published 2018-11-21 21:29:00
Updated 2023-08-04 18:15:10
Source MITRE
View at NVD,
At least one public exploit which can be used to exploit this vulnerability exists!

Exploit prediction scoring system (EPSS) score for CVE-2018-19422

Probability of exploitation activity in the next 30 days: 84.31%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2018-19422

  • Intelliants Subrion CMS 4.2.1 - Authenticated File Upload Bypass to RCE
    Disclosure Date : 2018-11-04
    This module exploits an authenticated file upload vulnerability in Subrion CMS versions 4.2.1 and lower. The vulnerability is caused by the .htaccess file not preventing the execution of .pht, .phar, and .xhtml files. Files with these extensions are not included in the .htaccess blacklist, hence these files can be uploaded and executed to achieve remote code execution. In this module, a .phar file with a randomized name is uploaded and executed to receive a Meterpreter session on the target, then deletes itself afterwards. Authors: - Hexife - Fellipe Oliveira - Ismail E. Dawoodjee

CVSS scores for CVE-2018-19422

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source
[email protected]
[email protected]

CWE ids for CVE-2018-19422

References for CVE-2018-19422

Products affected by CVE-2018-19422

This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to terms of use!