PHP-Nuke DownloadsPlus Module - Arbitrary File Upload Vulnerability

2008-04-24T00:00:00
ID EDB-ID:31702
Type exploitdb
Reporter ZoRLu
Modified 2008-04-24T00:00:00

Description

PHP-Nuke DownloadsPlus Module Arbitrary File Upload Vulnerability. CVE-2008-4767. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/28919/info

The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits attackers to upload arbitrary files with '.htm', '.html', or '.txt' extensions.

An attacker can leverage this issue to execute arbitrary code on an affected computer with the privileges of the webserver process.

Note that to exploit this issue, the attacker may require valid login credentials. 

http://www.example.com/phpnuke/upload_category/filename.html