Publishing author: Salvatore Fresta aka Drosophila
Official website: joomlaextensions.co.in
Vulnerability type: file upload
Vulnerability Description: Because of an error in the program's save function, compose.php allows registered users to upload files with any extension. The check for a valid file extension is made after the upload, and if the check fails the file is not deleted from the server. This can be used to upload a PHP file containing arbitrary PHP code.
The name of the file is different after upload:
$file['name'] = time().'in'.$file['name'];
For example:
Original file name: shell.php
Uploaded file name: 1291907399inshell.php
The file will be uploaded to the following directory:
$dest = JPATH_ROOT.DS.'components/'.$option.'/assets/images/'.$file['name'];
The default target is:
http://www.XXX.com/path/components/com_jemessenger/assets/images/
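An added audit example for defenders, not part of the original advisory or the component's code: it walks the upload directory and reports files that follow the time() + 'in' + original-name scheme described above and either fall outside an image allow-list or contain a PHP open tag. The allow-list, the function names and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Stored-name scheme from the advisory: time() . 'in' . original name
STORED_NAME = re.compile(r"^(\d{9,10})in(.+)$")
# Assumption: the directory is only meant to hold images; adjust as needed.
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}
PHP_MARKERS = (b"<?php", b"<?=")

def audit_upload_dir(directory):
    """Return findings for stored uploads that do not belong in an image dir."""
    findings = []
    for path in sorted(Path(directory).iterdir()):
        match = STORED_NAME.match(path.name)
        if not path.is_file() or not match:
            continue
        reasons = []
        if path.suffix.lower() not in IMAGE_EXTS:
            reasons.append("extension not in image allow-list")
        with path.open("rb") as handle:
            head = handle.read(4096)
        if any(marker in head for marker in PHP_MARKERS):
            reasons.append("PHP open tag in first 4 KiB")
        if reasons:
            # The numeric prefix is the upload time written by time().
            stamp = datetime.fromtimestamp(int(match.group(1)), tz=timezone.utc)
            findings.append({
                "file": path.name,
                "original_name": match.group(2),
                "uploaded_utc": stamp.isoformat(),
                "reasons": reasons,
            })
    return findings

def demo():
    # Constructed sample files in a temporary directory (not real uploads).
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "1291907399inshell.php").write_bytes(b"<?php /* constructed */ ?>")
        (root / "1291907400inphoto.png").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\0" * 16)
        (root / "1291907401inavatar.gif").write_bytes(b"GIF89a <?php ?>")
        (root / "index.html").write_bytes(b"<html></html>")
        return audit_upload_dir(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a real site, pass the component's assets/images directory to audit_upload_dir; the decoded timestamp helps correlate each finding with web server access logs.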
Title: JE Messenger 1.0 Arbitrary file upload vulnerability
Published: 2010-12-13
Source: http://www.myhack58.com/Article/html/3/62/2010/28558.htm