vendor: DownloadsPlus Module
by: SecurityFocus
CVSS: 7.5 (HIGH)
Arbitrary Code Execution
CWE: 78
Product Name: DownloadsPlus Module
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
DownloadsPlus Module for PHP-Nuke Arbitrary Code Execution Vulnerability
The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits attackers to upload arbitrary files with '.htm', '.html', or '.txt' extensions. An attacker can leverage this issue to execute arbitrary code on an affected computer with the privileges of the webserver process. Note that to exploit this issue, the attacker may require valid login credentials.
Mitigation:
Input validation should be used to ensure that untrusted data is not used to execute arbitrary code.