Availscript Article Script Remote File Upload Vulnerability

vendor:

Article Script

by:

S.W.A.T.

7.5

CVSS

HIGH

Remote File Upload Vulnerability

434

CWE

Product Name: Article Script

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Availscript Article Script Remote File Upload Vulnerability

A vulnerability in Availscript Article Script allows an attacker to upload a malicious file to the server. An attacker can register on the site, login, and add a pen/author name. When adding the pen/author name, the attacker can select a malicious file such as c99.php. The malicious file will be uploaded to the server and renamed with a random text such as cc1bd-c99.php. The malicious file can then be accessed from the photos folder.

Mitigation:

Ensure that all user-uploaded files are properly validated and sanitized before being stored on the server.

Source

Exploit-DB raw data:

[~] Availscript Article Script Remote File Upload Vulnerability
[~]
[~] ----------------------------------------------------------
[~] Discovered By: S.W.A.T.   svvateam@yahoo.com
[~]
[~] Home: www.batlagh.com
[~]
[~] Script Page: http://www.availscript.com/article_script.php
[~] -----------------------------------------------------------

Xpl:

1.First Register Into The Site ( link: www.site.com/[path]/signup.php )

2.Login With Your Email & Password

3.After That Go To "Add Pen/Author Name" ( link: www.site.com/[path]/memberarea/addpen.php )
& Write Your Author & Select Your Shell.php like: c99.php

4.Your Shell Will Be Appear In This Folder ( link: www.site.com/[path]/photos/ )

5.Your Shell Will Be Renamed With Random Text like: cc1bd-c99.php

6.Hack The Site ;)


Demo:

http://www.availscript.com/article_script/



[~] Special Thanks To:

Str0ke, All My Friends, Iranian Hackers & All Muslim

# milw0rm.com [2008-12-14]