WebsiteBaker Community Forum
WebsiteBaker Support (2.13.x) => General Help & Support => Topic started by: markherrmann on August 11, 2022, 09:57:21 AM
-
Hi i found that Site in the internet: https://packetstormsecurity.com/files/164215/WebsiteBaker-2.13.0-Remote-Code-Execution.html
That was very intersting, for me and my installations of wsb.
@ALL USER OF WSB - READ IT AND FIX IT
-
How to execute this code ? Php or python?
-
How to execute this code ? Php or python?
Most of the explits are written in Python
WB 2-13-0 is End of Life long time ago, actuell WB Version is 2.13.2 for php 8.1.x
this remark i read
# WebsiteBaker Open Source Content Management
# Includes an endpoint that allows remote access
# Language page misconfigured, causing vulnerability
# User information with sufficient permissions is required.
# I had to write a long script to bypass some security measures.
it seems very difficult to execute an exploit
Dietmar
-
So nothing special here, because If you are logged in user with sufficient permission, there are various ways to "hack" wb..