Vendor: Inventory
Author: Mehmet EMIROGLU
CVSS: 6.5 (MEDIUM)
CWE: CWE-434 (Arbitrary File Upload)
Product Name: Inventory
Affected Version From: 2.3
Affected Version To: 2.3
Patch Exists: NO
CVE: CVE-2019-8404
CPE: 2.3
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Wamp64, Windows
Year: 2019

Webiness Inventory 2.3 – ‘ProductModel’ Arbitrary File Upload

Sign in to the admin panel, then open the Inventory tab. Switch to the Products tab and create a new product. In the Product image field, click the Browse button and select a file; the application does not restrict the file type, so a server-side script (for example a PHP file) is accepted as if it were an image. When you save the product, the page may respond with an error such as "Service Unavailable", but the file has already been written to the server. It is then reachable (and executable, if the web server runs scripts from that directory) at http://localhost/[PATH]/runtime/ProductModel/[FILE]. The attacker needs an admin login, which is why the issue is rated MEDIUM rather than critical.

Mitigation:

No vendor patch exists for version 2.3. Restrict the product-image upload to an allowlist of expected extensions (for example jpg, png, gif) and verify the file content server-side instead of trusting the client-supplied file name or Content-Type. Store the file under a server-generated name rather than the uploaded one, and either keep uploads outside the web root or configure the web server so that nothing under runtime/ProductModel/ is executed as a script.
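The following is an added example of the checks the mitigation above calls for, written as a replacement for the product-image save step described in the proof of concept. It is not Webiness Inventory code: the form field name `product_image`, the destination directory, the function name `storeProductImage` and the size limit are assumptions for illustration.

```php
<?php
// Added example, not Webiness Inventory's own code. Field name, directory and
// helper name are assumptions chosen for illustration.
declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/../storage/product_images'; // assumed: outside the web root
const MAX_BYTES  = 2 * 1024 * 1024;

// Allowlist: permitted final extension => MIME type libmagic must report for the bytes.
const ALLOWED = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

/**
 * Validate and store one entry from $_FILES. Returns the server-chosen file name.
 * Throws RuntimeException on any failed check so nothing is written on rejection.
 */
function storeProductImage(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . (int) ($file['error'] ?? -1));
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }

    // 1. Extension allowlist on the LAST extension only. The original name is
    //    otherwise discarded, so "shell.php.jpg" never keeps a ".php" segment.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('Extension not allowed');
    }

    // 2. Content check with libmagic on the bytes; $file['type'] is attacker-controlled
    //    and is deliberately ignored.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException("Detected type $mime does not match .$ext");
    }

    // 3. The file must actually decode as an image.
    if (getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }

    // 4. Server-generated random name; the client never influences the stored path.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $name;

    if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0750, true)) {
        throw new RuntimeException('Cannot create upload directory');
    }
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0640); // readable by the web server, never executable
    return $name;
}

// Usage inside the product-save handler (field name assumed):
// $storedName = storeProductImage($_FILES['product_image']);
```

Steps 1 to 3 stop the proof of concept above, where a script is accepted with no checks at all, but they do not stop a polyglot: a valid GIF with PHP appended passes both libmagic and getimagesize. That is why step 4 and the storage location matter. Keep the directory outside the document root and serve images through a read-only script, or, if the files must stay under the web root as in runtime/ProductModel/, disable script execution there (under Apache with mod_php, for example, `php_flag engine off` in that directory's configuration).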

Exploit-DB raw data:

===========================================================================================
# Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload
# Dork: N/A
# Date: 10-02-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://sourceforge.net/projects/webinessinventory/files/
# Software Link: https://sourceforge.net/projects/webinessinventory/files/
# Version: 2.3
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: CVE-2019-8404
# Software Description: Small stock inventory management application for web.
===========================================================================================
# POC:
# Sign in to admin panel. Then go to the inventory tab.
  Switch to the products tab and create a new product.
  In product image, click the browse button and select a file.
  https://i.hizliresim.com/OvrOOn.jpg
  When you save the product, the script is loaded with the error file to the server.
  For example: service unavailable
  https://i.hizliresim.com/zjGqD4.jpg
  Path to the file we uploaded:
  https://i.hizliresim.com/XMbpp5.jpg
# http://localhost/[PATH]/runtime/ProductModel/[FILE]
===========================================================================================