Vendor: Joomla Component Proclaim
By: Ihsan Sencan
CVSS: 9.8 CRITICAL
Arbitrary File Upload
CWE: 434
Product Name: Joomla Component Proclaim
Affected Version From: 9.1.1
Affected Version To: 9.1.1
Patch Exists: YES
Related CVE: CVE-2018-7316
CPE: a:christianwebministries:joomla_component_proclaim:9.1.1
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2018

Joomla! Component Proclaim 9.1.1 – Arbitrary File Upload

A vulnerability in Joomla! Component Proclaim 9.1.1 allows an attacker to upload arbitrary files to the server. This is due to the lack of proper validation of the uploaded file type. An attacker can exploit this vulnerability by uploading a malicious file to the server and then executing it.

Mitigation:

Ensure that the file types uploaded to the server are properly validated and restricted to only those that are necessary.
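
One way to apply that validation in PHP, as an added example that is not Proclaim's or Joomla's own code. The allowlist contents, the function name `storeUpload` and the destination directory are assumptions chosen for illustration.

```php
<?php
// Added example, not Proclaim's code. Allowlist and function name are assumptions.
declare(strict_types=1);

const ALLOWED = [   // extension => content types accepted for it (assumed allowlist)
    'mp3' => ['audio/mpeg'],
    'mp4' => ['video/mp4'],
    'pdf' => ['application/pdf'],
    'jpg' => ['image/jpeg'],
    'png' => ['image/png'],
];

/**
 * Validate one entry of $_FILES and move it into $destDir.
 * Returns the stored file name; throws RuntimeException on rejection.
 */
function storeUpload(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed or not an HTTP upload');
    }

    // Only the final extension of the client-supplied name counts, lower-cased.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        throw new RuntimeException("extension not allowed: $ext");
    }

    // Inspect the content itself; $file['type'] is set by the client.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!in_array($mime, ALLOWED[$ext], true)) {
        throw new RuntimeException("content type $mime does not match .$ext");
    }

    // Server-generated name: no client-controlled path or double extension.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}
```

The destination directory should also be configured so that the web server never executes scripts from it.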

Exploit-DB raw data:

# # # #
# Exploit Title: Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload
# Dork: N/A
# Date: 22.02.2018
# Vendor Homepage: https://www.christianwebministries.org/
# Software Link: https://extensions.joomla.org/extensions/extension/living/religion/proclaim/
# Software Download: https://github.com/Joomla-Bible-Study/Joomla-Bible-Study/releases/download/v9.1.1/pkg_proclaim.zip
# Version: 9.1.1
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-7316
# # # #
# Exploit Author: Ihsan Sencan
# # # #
# 
# POC: 
# 
# 1)
# http://localhost/[PATH]/index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1
# 
# http://localhost/[PATH]/images/biblestudy/media/[FILE]
# 
# # # #