## https://sploitus.com/exploit?id=BB48AFEC-5757-5F0F-940C-85C20DD2FDC2
----
<h1 align="center">CVE-2023-46818</h1>
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
## Usage
```
โฏ python3 CVE-2023-46818.py
Usage: python3 CVE-2023-46818.py <URL> <username> <password>
Poc of CVE-2023-46818 ISPConfig <= 3.2.11 - Code Injection Vulnerability by z7Akane
```
## References
- https://nvd.nist.gov/vuln/detail/CVE-2023-46818
- https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released
- https://seclists.org/fulldisclosure/2023/Dec/2
## Credit
If you found this project useful or interesting, consider supporting it by giving a โญ to the repository!