Home / os / blackberry
BoidCMS 2.0.0 Command Injection
Posted on 01 March 2024
This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file.