KunstmaanBundlesCMS File Upload Vulnerability

2017-01-01 / 2017-01-02

Ashiyane Digital Security Team (GB)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

*=============================================================|
| Exploit Title: KunstmaanBundlesCMS File Upload Vulnerability
|
| Exploit Author: Ashiyane Digital Security Team
|
| Vendor & DownloadLink : https://github.com/Kunstmaan/KunstmaanBundlesCMS
|
| Tested on: Kali Linux
|
| Date: 1 /1 / 2017
|
*===========|
|
| Vulnerability Path : http://localhost/KunstmaanBundlesCMS-master/src/Kunstmaan/MediaBundle/Resources/ui/vendor_bower/plupload/examples/custom.html
|
| Vulnerability Method :GET
|
*===========|
|
| Vulnerability description:
|
| This page allows visitors to upload files to the server.
| Various web applications allow users to upload files (such as images, sounds,..).
*=============================================================|
| Discovered By : M.R.S.L.Y
*=============================================================| 

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

KunstmaanBundlesCMS File Upload Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.