iCMS File Upload Vulnerability

Published
Credit
Risk
2017.01.03
Ashiyane Digital Security Team
High
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

*=============================================================|
| Exploit Title: iCMS File Upload Vulnerability
|
| Exploit Author: Ashiyane Digital Security Team
|
| Vendor : https://github.com/idreamsoft/iCMS
|
| Tested on: Kali Linux
|
| Date: 1 /3 / 2017
*=============================================================|
| Vulnerability Path : http://127.0.0.1/iCMS-master/app/ui/common/ueditor/dialogs/scrawl/scrawl.html
| Vulnerability Method :GET
*===========================|
| Vulnerability description
*===:
| This page allows visitors to upload files to the server.
| Various web applications allow users to upload files (such as images, sounds, ...).
*=============================================================|


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com