CVE-2022-29622 PoC — formidable code issue vulnerability

Source
Associated Vulnerability
Title: formidable code issue vulnerability (CVE-2022-29622)
Description:An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled. Strapi does not consider this to be a valid vulnerability.
Description
Hack this service to prove CVE-2022-29622 is valid
Readme
# CVE-2022-29622: (In)vulnerability Analysis

**THIS PROJECT HAS BEEN MOVED** to GitLab here: [https://gitlab.com/Keymandll/cve-2022-29622](https://gitlab.com/Keymandll/cve-2022-29622)

This codebase was created to help security professionals and developers to understand why Formidable was not vulnerable to CVE-2022-29622. 
File Snapshot

[4.0K] /data/pocs/61095c3aaf50b2bd25bd2ce8a447cceba439180c
└── [ 328] README.md

0 directories, 1 file