MetaForum Arbitrary File Upload Vulnerability
BID:23032
Info
MetaForum Arbitrary File Upload Vulnerability
| Bugtraq ID: | 23032 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2007 12:00AM |
| Updated: | Mar 20 2007 04:44PM |
| Credit: | Gu1ll4um3r0m41n is credited with the discovery of this vulnerability. |
| Vulnerable: |
Blursoft MetaForum 0.513 Beta |
| Not Vulnerable: | |
Discussion
MetaForum Arbitrary File Upload Vulnerability
MetaForum is prone to an arbitrary-file-upload vulnerability.
An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.
MetaForum version 0.513 Beta is vulnerable.
MetaForum is prone to an arbitrary-file-upload vulnerability.
An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.
MetaForum version 0.513 Beta is vulnerable.
Exploit / POC
MetaForum Arbitrary File Upload Vulnerability
Attackers can use a browser to exploit this issue.
The following exploit is available:
Attackers can use a browser to exploit this issue.
The following exploit is available:
Solution / Fix
MetaForum Arbitrary File Upload Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
MetaForum Arbitrary File Upload Vulnerability
References:
References: