Jetbox CMS Arbitrary File Upload Vulnerability
BID:23996
Info
Jetbox CMS Arbitrary File Upload Vulnerability
| Bugtraq ID: | 23996 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-2733 |
| Remote: | Yes |
| Local: | No |
| Published: | May 15 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | laurent gaffié is credited with the discovery of this vulnerability. |
| Vulnerable: |
Jetbox Jetbox CMS 2.1 |
| Not Vulnerable: | |
Discussion
Jetbox CMS Arbitrary File Upload Vulnerability
Jetbox CMS is prone to an arbitrary-file-upload vulnerability.
An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.
Jetbox CMS 2.1 is vulnerable to this issue.
Jetbox CMS is prone to an arbitrary-file-upload vulnerability.
An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.
Jetbox CMS 2.1 is vulnerable to this issue.
Exploit / POC
Jetbox CMS Arbitrary File Upload Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
Jetbox CMS Arbitrary File Upload Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Jetbox CMS Arbitrary File Upload Vulnerability
References:
References: