{"vulnerability": "CVE-2015-2208", "sightings": [{"uuid": "ad022f26-36ad-4667-8061-4ccc2766a595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2208", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "dc340a45-ad35-4b43-a566-b2eacfb1570c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2208", "type": "published-proof-of-concept", "source": "https://t.me/HackingPublicoficial/162", "content": "Best Exploits\n\nphpMoAdmin Remote Code Execution (CVE-2015-2208)\nLotusCMS Remote Code Execution (OSVDB-75095)\nElasticSearch Remote Code Execution (CVE-2015-1427)\nShellShock (httpd) Remote Code Execution (CVE-2014-6271)\nIISlap - http.sys Denial of Service/RCE PoC (DoS only). (MS-15-034)\nse0wned - Seowintech Router diagnostic.cgi remote root\nWPsh0pwn - Wordpress WPShop eCommerce Shell Upload (WPVDB-7830)\nnmediapwn - Wordpress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload\npwnflow - Wordpress Work the flow file upload 2.5.2 Shell Upload\ndelusions - Wordpress InfusionSoft Gravity Forms Shell Upload (CVE-2014-6446)\nsuiteshell - SuiteCRM Post-Auth Remote Code Execution (CVE-2015-NOTYET)\nsuiteracer - SuiteCRM Post-Auth Remote Code Execution Race Condition (CVE-2015-xxxx)\nunsanitary - Address Sanitizer + Setuid Binary = Local Root exploit (LD_PRELOAD vector)\nDiamondFox - DiamondFox Botnet C&C Panel Shell Upload\nDoubtfullyMalignant - BenignCertain DoS PoC\nTorCT-Shell - TorCT RAT C&C Panel Shell Upload\nvBullshit - vBulletin 5.x.x unserialize() Remote Code Execution (CVE-2015-7808)\nXanity-Shell - Xanity RAT C&C Panel Shell Upload\nJoomraa - PoC + upload blacklist bypass (CVE-2016-8869, CVE-2016-8870, CVE-2016-9836)\nDeathsize - LifeSize Room remote code execution & local root exploit\nAssetExploder - ManageEngine Asset Explorer remote code execution\nDroppleGanger - Droppler <= 1.6.5 Auth-Bypass & RCE\ntr-06fail - TR-064 Misimplementations leading to remote device takeover in ZyXEL Routers\nscreen2root - Screen 4.05.00 (CVE-2017-5618) local privesc\nFreeACS-Pwn - TR-069 exploit for FreeACS server, disclosed at BSides Edinburgh.\nJoomblah - Joomla 3.7.0 SQL Injection exploit (CVE-2017-8917)\npisspoorpool - Local file inclusion exploit for p2pool status page\nwipgpwn - Remote Root Exploit for WePresent WiPG-1000,1500,2000 devices\nTBA\n\nLink:\n\nhttps://github.com/XiphosResearch/exploits https://www.facebook.com/1656611301265857/posts/1887994441460874", "creation_timestamp": "2017-07-11T02:04:41.000000Z"}, {"uuid": "9ea6b683-a3c0-45f7-bcf0-4646ec8f0b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2208", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:37.000000Z"}, {"uuid": "1a98fdeb-838b-4940-9434-021bd8fb7428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2208", "type": "seen", "source": "https://t.me/arpsyndicate/2001", "content": "#ExploitObserverAlert\n\nCVE-2015-2208\n\nDESCRIPTION: Exploit Observer has 21 entries related to CVE-2015-2208. The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.\n\nFIRST-EPSS: 0.968030000\nNVD-IS: 6.4\nNVD-ES: 10.0", "creation_timestamp": "2023-12-18T14:19:30.000000Z"}, {"uuid": "55ed463c-f8cd-485d-a38b-c92154b7f17b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-2208", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/phpmoadmin_exec.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}]}