Exploit Jupiter CMS 1.1.4/1.1.5 - 'galleryuploadfunction.php' Arbitrary File Upload

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
28581
Проверка EDB
  1. Пройдено
Автор
HACKERS PAL
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-4875
Дата публикации
2006-09-15
Код:
source: https://www.securityfocus.com/bid/20048/info

Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input. 

A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, exploit vulnerabilities in the underlying database implementation, or upload and execute arbitrary files within the webserver process. Other attacks are also possible.

Upload any picture to their gallery http://www.example.com/modules/galleryuploadfunction.php picture path will be gallery/albums/public/name.ext
 
Источник
www.exploit-db.com

Похожие темы