vendor: GHBoard
by: Unknown
CVSS: 9 (CRITICAL)
Arbitrary File Upload, Arbitrary Code Execution
CWE: 22
Product Name: GHBoard
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CVE: CVE-2007-6472, CVE-2007-6473
CPE: a:ghboard:ghboard
Platforms Tested:
2007
GHBoard Multiple Vulnerabilities
The GHBoard application is prone to multiple vulnerabilities that allow attackers to upload and download arbitrary files and execute arbitrary code within the context of the webserver process. The vulnerabilities can be exploited by sending a crafted HTTP request to the affected server. Specifically, the 'download.jsp' script does not properly validate user-supplied input in the 'name' parameter, allowing for directory traversal attacks and arbitrary file downloads. This can lead to unauthorized access to sensitive information or remote code execution depending on the file accessed. This vulnerability is assigned multiple CVE identifiers: CVE-2007-6472, CVE-2007-6473.
Mitigation:
To mitigate these vulnerabilities, it is recommended to apply the latest patches and updates provided by the vendor. Additionally, access controls should be implemented to restrict unauthorized access to sensitive directories and files.
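
One way to validate a file name such as the 'name' parameter of 'download.jsp' before serving it, shown as an added example that is not GHBoard's code. The class `SafeDownload`, the method `resolve` and the base directory are hypothetical, and the sample names are constructed.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example: hypothetical helper, not taken from GHBoard.
public class SafeDownload {

    /** Resolve a client-supplied file name strictly inside baseDir, or throw. */
    static Path resolve(Path baseDir, String name) throws IOException {
        if (name == null || name.isEmpty() || name.indexOf('\0') >= 0) {
            throw new SecurityException("empty or malformed name");
        }
        Path base = baseDir.toRealPath();                // canonical root, symlinks resolved
        Path candidate = base.resolve(name).normalize(); // collapses "." and ".." segments
        if (!candidate.startsWith(base)) {               // component-wise prefix check
            throw new SecurityException("path escapes download directory");
        }
        // Resolve symlinks on the target too, so a link inside base cannot point outside.
        Path real = candidate.toRealPath();              // throws if the file does not exist
        if (!real.startsWith(base) || !Files.isRegularFile(real)) {
            throw new SecurityException("not a regular file under download directory");
        }
        return real;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample data: a temp directory standing in for the download store.
        Path base = Files.createTempDirectory("downloads");
        Files.writeString(base.resolve("report.txt"), "ok");
        String[] names = { "report.txt", "../../etc/passwd", "/etc/passwd", "sub/../report.txt" };
        for (String n : names) {
            try {
                System.out.println("ALLOW " + n + " -> " + resolve(base, n).getFileName());
            } catch (SecurityException | IOException e) {
                System.out.println("DENY  " + n + " (" + e.getClass().getSimpleName() + ")");
            }
        }
    }
}
```

The check is done on normalized `Path` components rather than by string matching on `../`, so absolute paths and traversal sequences are rejected, while a name that normalizes back into the base directory is still served.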