Bug: BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability


Published: 2008.12.30
Credit: Piker
Risk: High
CWE: CWE-20
CVE: CVE-2008-5732
Local: No
Remote: Yes

CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

################## Piker #######################################
#
#
# BLOG v1.55B Arbitrary File Upload Vulnerability
#
#
# Affected software: BLOG v1.55B prior versions can be affected
# Vendor: http://sourceforge.net/projects/kafooeyblog/
# Risk: High
#
################################################################
#
# http://[target]/[path]/lib/image_upload.php
#
# This script only checks if the file you are uploading
# is not a text/plain file so you can upload whatever
# you want, for example a PHP Shell.
#
#
################################################################
#
# Found by Piker [piker0x90(at)gmail(dot)com]
#
# D.O.M Labs - Security Researchers
# www.domlabs.org
#
#
################################################################
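
The weakness described in the advisory, as an added example (not code from BLOG/kafooeyblog or from the advisory): a denylist check of the kind described, next to an allowlist check that sniffs the content and generates the stored name. The function names, the assumption that the script compared the client-declared type, and the sample uploads are constructed for illustration.

```php
<?php
// Added example, not kafooeyblog code: names and sample uploads are constructed.

// Denylist check of the kind the advisory describes: reject only text/plain.
// Assumption: $clientType stands for $_FILES[...]['type'], which the client sets.
function denylist_accepts(string $clientType): bool
{
    return $clientType !== 'text/plain';
}

// Allowlist check: sniff the type from the bytes, derive the extension from that
// type, and generate the stored name server-side (the client's name is unused).
// Returns the name to store under, or null when the upload is rejected.
function allowlist_store_name(string $bytes): ?string
{
    $allowed = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif'];
    $info = @getimagesizefromstring($bytes); // false when the bytes are not an image
    if ($info === false || !isset($allowed[$info['mime']])) {
        return null;
    }
    return bin2hex(random_bytes(16)) . '.' . $allowed[$info['mime']];
}

// Constructed samples: client file name => [client-declared type, body bytes].
// The PNG is only a signature plus an IHDR header, enough for type sniffing.
$png = "\x89PNG\r\n\x1a\n" . pack('N', 13) . 'IHDR' . pack('NNC', 1, 1, 8);
$samples = [
    'photo.png' => ['image/png', $png],
    'notes.txt' => ['text/plain', "hello\n"],
    'page.php'  => ['application/octet-stream', '<?php echo "placeholder"; ?>'],
];

// Print how each check treats each sample upload.
foreach ($samples as $name => [$type, $bytes]) {
    printf(
        "%-10s denylist=%-6s allowlist=%s\n",
        $name,
        denylist_accepts($type) ? 'accept' : 'reject',
        allowlist_store_name($bytes) ?? 'reject'
    );
}
```

A header sniff says nothing about the rest of the file, which is why the stored extension comes from the allowlist rather than from the client. Keeping uploads in a directory where the server does not execute scripts covers whatever still passes.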

References:

http://xforce.iss.net/xforce/xfdb/47535
http://www.securityfocus.com/bid/32953
http://www.milw0rm.com/exploits/7537
http://secunia.com/advisories/33223
http://osvdb.org/50876
