Exploit Title: Arbitrary File Upload in Frog CMS 0.9.5
Date: 2014-07-07
Exploit Author: Javid Hussain
Vendor Homepage: http://www.madebyfrog.com

# Exploit-DB Note: All authenticated users can upload files. If the file
# does not have execute permissions the CMS allows users to change them.
# No need to be authenticated to trigger uploaded files.

It is possible to upload arbitrary files in the latest Frog CMS version, 0.9.5.

POC:

The vulnerability exists because the filemanager plugin does not properly verify the extension of uploaded files.

Go to http://localhost/frog_095/admin/?/plugin/file_manager/images
Upload an executable php file
Go to http://localhost/Frog/frog_095/public/images/ for verification.
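For comparison, the checks an image-upload handler needs in order to close the gap described above: an extension allowlist applied to every dot-separated segment of the name (so a double extension does not pass), a content check on the image header, a server-chosen stored filename, and a fixed non-executable mode. This is added example code, not Frog CMS's own file_manager code; the constant names, function names and destination directory are assumptions.

```php
<?php
// Added example (not Frog CMS code): validation an upload handler should apply
// before writing anything under public/images/. Names and paths are assumed.

const ALLOWED_IMAGE_EXT = ['jpg', 'jpeg', 'png', 'gif'];
// Extensions a web server may hand to an interpreter; rejected in any position.
const EXECUTABLE_EXT    = ['php', 'php3', 'php4', 'php5', 'phtml', 'phar', 'cgi', 'pl', 'sh'];

function is_safe_upload_name(string $name): bool {
    $base = basename($name);                       // drop any directory component
    if ($base === '' || $base[0] === '.') {        // no hidden files such as .htaccess
        return false;
    }
    if (!preg_match('/^[A-Za-z0-9._-]+$/', $base)) {
        return false;                              // conservative character set
    }
    $parts = array_map('strtolower', explode('.', $base));
    if (count($parts) < 2) {
        return false;                              // an extension is required
    }
    if (!in_array(end($parts), ALLOWED_IMAGE_EXT, true)) {
        return false;                              // final extension must be an image type
    }
    foreach (array_slice($parts, 1) as $segment) { // reject picture.php.jpg style names
        if (in_array($segment, EXECUTABLE_EXT, true)) {
            return false;
        }
    }
    return true;
}

function is_image_content(string $tmpPath): bool {
    $info = @getimagesize($tmpPath);               // checks the image header, not the name
    return $info !== false
        && in_array($info['mime'], ['image/jpeg', 'image/png', 'image/gif'], true);
}

// Returns the stored path, or null when the upload is rejected.
function store_upload(string $clientName, string $tmpPath, string $destDir): ?string {
    if (!is_safe_upload_name($clientName) || !is_image_content($tmpPath)) {
        return null;
    }
    // Server-chosen filename: the client never controls what is written to disk.
    $ext  = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    $dest = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(8)) . '.' . $ext;
    if (!move_uploaded_file($tmpPath, $dest)) {
        return null;
    }
    chmod($dest, 0644);                            // fixed mode; no user-facing chmod
    return $dest;
}
```

The deployment-side counterpart is to serve public/images/ with script execution disabled, so a file that slips past the handler is still only delivered as static content.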