vendor:
DigitalHive
by:
ViRuSMaN
8.3
CVSS
HIGH
Remote File Upload Vulnerability
79
CWE
Product Name: DigitalHive
Affected Version From: 1
Affected Version To: 1.2
Patch Exists: YES
Related CWE: CVE-2009-4010
CPE: a:digitalhive:digitalhive
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009
DigitalHive Multiple Vulnerabilities
Signup in the forum by going to http://localhost/[script]/base.php?page=inscription.php, then going to your profile here http://localhost/[script]/base.php?page=compte.php&var=accueil and click 'modfier', upload your shell in 'php.jpg' format, do a right click in the icon situated in 'Apparence' then copy the link of your shell.
Mitigation:
Sanitize user input