Hi i found that Site in the internet: https://packetstormsecurity.com/files/164215/WebsiteBaker-2.13.0-Remote-Code-Execution.html
That was very intersting, for me and my installations of wsb.
@ALL USER OF WSB - READ IT AND FIX IT
How to execute this code ? Php or python?
Quote from: crnogorac081 on August 11, 2022, 10:18:14 AM
How to execute this code ? Php or python?
Most of the explits are written in Python
WB 2-13-0 is End of Life long time ago, actuell WB Version is 2.13.2 for php 8.1.x
this remark i read
Quote# WebsiteBaker Open Source Content Management
# Includes an endpoint that allows remote access
# Language page misconfigured, causing vulnerability
# User information with sufficient permissions is required.
# I had to write a long script to bypass some security measures.
it seems very difficult to execute an exploit
Dietmar
So nothing special here, because If you are logged in user with sufficient permission, there are various ways to "hack" wb..