CVE-2014-5091

EIP tracks 1 public exploit for CVE-2014-5091. PoCs published by Shayan S.

AI-analyzed exploit summary This is a detailed writeup describing multiple vulnerabilities in Status2k software, including XSS, SQLi, command injection, RCE via eval() backdoor, template manipulation, design flaws, and information leaks. It provides PoC examples and CVE assignments for each issue.

A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code.