CH-CMS.ch-V2 Upload Vulnerability

vendor:

CH-CMS.ch-V2

by:

El-Kahina

7,5

CVSS

HIGH

Upload Vulnerability

434

CWE

Product Name: CH-CMS.ch-V2

Affected Version From: CH-CMS.ch-V2

Affected Version To: CH-CMS.ch-V2

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Lunix Fran�ais v.(9.10 Ubuntu)

2007/08

CH-CMS.ch-V2 Upload Vulnerability

An attacker can exploit this vulnerability by sending a malicious file to the ava_upl.php or ava_upl2.php page, which will be stored in the avatar/ directory.

Mitigation:

Ensure that the application is configured to only accept files with the expected file extensions and validate the file content to ensure that it is not malicious.

Source

Exploit-DB raw data:

========================================================================================
| ( Title    ) CH-CMS.ch-V2 Upload Vulnerability
| ( Author   ) El-Kahina
| ( email    ) please forgive me                                                                                                                    $
| ( Web Site ) http://kewlshare.com/dl/f1b6b4d587ab/95_Final_2_bugfix_install.rar.html                                                              $
| ( Script   ) copyright 2007/08 by grillmeister | CH-CMS.ch-V2 | design by King-G4mer
| ( Tested on) Lunix Fran&#65533;ais v.(9.10 Ubuntu)
| ( Bug      ) Upload
|
======================      Exploit By EL-Kahina       =================================
 # Exploit  :

 1 - http://127.0.0.1/Final/login/ava_upl.php
                      or
 2 - http://127.0.0.1/Final/login/ava_upl2.php

 Stored in: avatar/

==========================================
Greetz :
Exploit-db Team :
(loneferret+Exploits+dookie2000ca)
all my friend :
(Dz-Ghost Team ) im indoushka's sister
--------------------------------------------------------------------------------------------------------------