KunstmaanBundlesCMS File Upload Vulnerability

Published
Credit
Risk
2017.01.02
Ashiyane Digital Security Team
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

*=============================================================|
| Exploit Title: KunstmaanBundlesCMS File Upload Vulnerability
|
| Exploit Author: Ashiyane Digital Security Team
|
| Vendor & DownloadLink : https://github.com/Kunstmaan/KunstmaanBundlesCMS
|
| Tested on: Kali Linux
|
| Date: 1 /1 / 2017
|
*===========|
|
| Vulnerability Path : http://localhost/KunstmaanBundlesCMS-master/src/Kunstmaan/MediaBundle/Resources/ui/vendor_bower/plupload/examples/custom.html
|
| Vulnerability Method :GET
|
*===========|
|
| Vulnerability description:
|
| This page allows visitors to upload files to the server.
| Various web applications allow users to upload files (such as images, sounds,..).
*=============================================================|
| Discovered By : M.R.S.L.Y
*=============================================================|


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com