AtomCMS – SQL Injection / Arbitrary File Upload

  • 作者: Jagriti Sahu
    日期: 2014-07-07
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/39238/
  • source: https://www.securityfocus.com/bid/68437/info

AtomCMS is prone to an SQL-injection vulnerability and an arbitrary file-upload vulnerability.

Exploiting these issues could allow an attacker to upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/acms/admin/uploads.php?id=1