CVE-2022-35914
Description
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
NVD
Severity: CRITICAL
CVE ID: CVE-2022-35914
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-35914
Refrence: Project Discovery GitHub
cosad3s
Refrence: GitHub
Lzer0Kx01
Refrence: GitHub
6E6L6F
Refrence: GitHub
0xGabe
Unauthenticated RCE in GLPI 10.0.2
Refrence: GitHub
Johnermac
Script in Ruby for the CVE-2022-35914 - RCE in GLPI
Refrence: GitHub
allendemoura
PoC exploit for GLPI - Command injection using a third-party library script
Refrence: GitHub
Content on GitHub
lolminerxmrig | watchers:1
Capricornus
Capricornus(摩羯座)一款基于wxpython的GUI图形化漏洞检测工具,包含了基础的备忘录,base64加解密,批量漏洞和单项漏洞检测功能。目前包含CVE_2022_35914、CVE_2022_36804等nday,1day以及常见漏洞的检测
Refrence: GitHub