HRM With Loan And Bonus Manager v2.5.1 WebShell Upload

CVE: CVE-2021-21044
Category: CWE-22
Price: $700
Severity: Critical
Author: Unknown
Risk: High
Exploitation Type: Remote
Date: 2019-04-18
CVSS: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0
EPSSP: 0


Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019040166

Below is a copy:

HRM With Loan And Bonus Manager v2.5.1 WebShell Upload
# Title: HRM With Loan And Bonus Manager v2.5.1 WebShell Upload
# Author: QUIXSS
# Date: 2019-04-17
# Software: HRM With Loan And Bonus Manager v2.5.1
  
# Technical Details & Description:
# Weak file upload filtering has been discovered in the HRM With Loan And Bonus Manager web-application. The current version of this web-application is 2.5.1.

# Demo Website:
# https://codecanyon.net/item/hrm-with-loan-and-bonus-manager/21809062
# http://humanresource.clustercoding.com/demo/dashboard
# Login: [email protected], Password: demo

# PoC Upload:
# http://humanresource.clustercoding.com/demo/public/profile_picture/1555555842.php5

# PoC [WebShell Upload]:
# Authorize on the demo website for tests: http://humanresource.clustercoding.com/demo/, the login is [email protected] and the password is demo. There are two ways to upload any .PHP file we want.
# The first one is via the File Upload page ( http://humanresource.clustercoding.com/demo/folders ): add a new folder or use any existing one, it doesn't matter. Press the Add File button and fill in the form. The .PHP file type is not allowed, so change the file extension from .PHP to .PHP5 and upload your WebShell or any other .PHP file you want. After a successful upload your file will be in this directory waiting for your commands: http://humanresource.clustercoding.com/demo/public/uploaded_files/
# The second one is via the user profile page, which works for the admin account and basic user accounts ( http://humanresource.clustercoding.com/demo/profile/user-profile ): choose your .PHP5 file as the Profile Picture (change the file extension of your WebShell from .PHP to .PHP5) and press the Update Profile button, then inspect the profile picture. Your uploaded file will be here -> http://humanresource.clustercoding.com/demo/public/profile_picture/
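As an added example that is not part of the original advisory or the vendor's code: the blacklist-style check the advisory describes (only the literal .php extension is rejected) next to an allowlist-based replacement in PHP. The function names, the `profile_picture` form field and the upload directory are assumptions.

```php
<?php
// Added example, not the vendor's code. Function names and the
// "profile_picture" form field are assumptions for illustration.
// Weak check: rejects only the literal "php" extension, so "php5"
// (and "phtml", "phar", ...) pass straight through. This is the
// pattern the advisory's .PHP -> .PHP5 rename defeats.
function isAllowedUploadWeak(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return $ext !== 'php';
}

// Hardened check: allowlist the expected image extensions and require
// the file bytes to sniff as the matching image type. The client-sent
// Content-Type header is never consulted.
const ALLOWED_IMAGE_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

function isAllowedUploadHardened(string $filename, string $tmpPath): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_IMAGE_TYPES)) {
        return false;
    }
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    return $detected === ALLOWED_IMAGE_TYPES[$ext];
}

// Store under a server-chosen random name with the allowlisted extension,
// so the client-supplied filename never reaches the filesystem. Sniffing
// alone is not enough (a valid image can also carry script text).
function safeDestination(string $uploadDir, string $ext): string
{
    return rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
}

// Handler for the (assumed) profile picture form field.
$file = $_FILES['profile_picture'] ?? null;
if ($file !== null && $file['error'] === UPLOAD_ERR_OK
    && isAllowedUploadHardened($file['name'], $file['tmp_name'])) {
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    move_uploaded_file($file['tmp_name'], safeDestination(__DIR__ . '/profile_picture', $ext));
} else {
    http_response_code(400);
}
```

Pair this with web-server configuration that refuses to execute scripts from the upload directory (or store uploads outside the document root), so a filter miss cannot become code execution.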

Copyright ©2024 Exploitalert.
