Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689
install codiad
@ git clone githubcom/Codiad/Codiadgit
Steps to reproduction
1 Setup a vulnerable environment on ubuntu server with Codiad 284 (latest version)
@ chmod o+w configphp
@ chmod o+w workspace
@ chmod o+w plugins
@ chmod o+w themes
@ chmod o+w data
2
@ git clone githubcom/hidog123/Codiad-CVE-2018-14009gi
3 Launch the exp