Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-264 | N/A | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2019-03-28 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
############################################################################################ # Exploit Title : Institut VerpackungsMarktForschung GMBH Modules Arbitrary File Upload # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 28/03/2019 # Vendor Homepage : ivm-childsafe.de # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : High # Google Dorks : [PDF] inurl:/modules/fck/usr/ # Vulnerability Type : CWE-264 [ Permissions, Privileges, and Access Controls ] # PacketStormSecurity : packetstormsecurity.com/files/authors/13968 # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/ # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos ############################################################################################ # Impact : *********** Institut VerpackungsMarktForschung GMBH FCKeditor Modules is prone to a vulnerability that lets attackers upload arbitrary files because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. ############################################################################################ # Arbitrary File Upload / Insert File Exploit : *************************************** /modules/fck/editor/filemanager/connectors/uploadtest.html # Directory File Path : ********************* /modules/fck/usr/[YOURFILENAME].txt .jpg .gif .png ############################################################################################ # Example Vulnerable Sites : ************************* [+] Vulnerable IP Address => 46.4.112.25 => There are 140 domains hosted on this server. [+] heizungsfilter.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-childsafe.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-childsafe.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-safe.info/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-safe.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childproofpackaging.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] antonischki.net/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindersicherheit.biz/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-resistant-packages.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-resistant-packaging.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-resistant.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-resistant.net/modules/fck/editor/filemanager/connectors/uploadtest.html [+] child-resistant.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childproof.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistant.net/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistant.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistantpackages.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistantpackaging.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistantpackaging.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistantpackaging.net/modules/fck/editor/filemanager/connectors/uploadtest.html [+] childresistantpackaging.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-childsave.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-childsave.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-lab.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] ivm-lab.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindergesichert.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindergesicherte-verpackungen.com/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindergesicherte-verpackungen.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindergesicherte-verpackungen.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindergesicherte.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindersicher.org/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindersichere-verpackungen.de/modules/fck/editor/filemanager/connectors/uploadtest.html [+] kindersichere.de/modules/fck/editor/filemanager/connectors/uploadtest.html ############################################################################################ # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team ############################################################################################
Copyright ©2024 Exploitalert.