PT-2018-9429 · Php · Gitlist

Kacper Szurek

Published

2018-06-26

Updated

2021-09-09

CVE-2018-1000533

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GitList versions <= 0.6

Description The issue arises from incorrectly sanitized input being passed to a system function in the searchTree function, allowing execution of arbitrary code as the PHP user. This can be exploited by sending a POST request using the search form.

Recommendations For GitList versions <= 0.6, update to version 0.7 or later to resolve the issue. As a temporary workaround, consider disabling the searchTree function until a patch is available. Restrict access to the search form to minimize the risk of exploitation.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-1000533

Affected Products

Gitlist

PT-2018-9429 · Php · Gitlist

CVE-2018-1000533

Weakness Enumeration

Related Identifiers

Affected Products

References · 6