BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
BID:52234
Info
BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
| Bugtraq ID: | 52234 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 01 2012 12:00AM |
| Updated: | Mar 01 2012 12:00AM |
| Credit: | KedAns-Dz |
| Vulnerable: |
BrewBlogger BrewBlogger 2.3.2 |
| Not Vulnerable: | |
Discussion
BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
BrewBlogger is prone to multiple arbitrary-file-upload vulnerabilities because the application fails to adequately sanitize user-supplied input.
An attacker can exploit these issues to upload arbitrary code and run it in the context of the affected application.
BrewBlogger 2.3.2 is vulnerable; other versions may also be affected.
BrewBlogger is prone to multiple arbitrary-file-upload vulnerabilities because the application fails to adequately sanitize user-supplied input.
An attacker can exploit these issues to upload arbitrary code and run it in the context of the affected application.
BrewBlogger 2.3.2 is vulnerable; other versions may also be affected.
Exploit / POC
BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
Attackers can exploit these issues using a browser.
Attackers can exploit these issues using a browser.
Solution / Fix
BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
BrewBlogger Multiple Arbitrary File Upload Vulnerabilities
References:
References:
- BrewBlogger Homepage (BrewBlogger)