Graffiti CMS 1.x Arbitrary File Upload

2009-09-10T00:00:00
ID PACKETSTORM:81128
Type packetstorm
Reporter Alexander Concha
Modified 2009-09-10T00:00:00

Description

Graffiti CMS includes a file manager component that allows unauthenticated users to upload files (including ASP.NET pages, which allow code execution). All versions are affected by this vulnerability.

To exploit this issue, it suffices to access the following URL:

http://DOMAIN_TLD/GRAFFITI_CMS_INSTALL_DIR/__utility/Telligent_Editor/editor/filemanager/browser/default/browser.html?connector=../../connectors/aspx/connector.aspx
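
An added detection example (not part of the original advisory): a Python scan of IIS W3C logs for anonymous requests under the file manager path named above. The log lines are constructed, `find_anonymous_filemanager_hits` is a hypothetical helper name, and the check assumes authenticated users are recorded in the `cs-username` field.

```python
import urllib.parse

# Path fragment taken from the advisory; the install directory prefix varies per site.
FILEMANAGER_PATH = "/__utility/telligent_editor/editor/filemanager/"

# Constructed sample in IIS W3C extended log format (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.0
#Fields: date time cs-method cs-uri-stem cs-uri-query cs-username c-ip sc-status
2009-09-10 10:00:01 GET /default.aspx - - 192.0.2.10 200
2009-09-10 10:00:05 GET /cms/__utility/Telligent_Editor/editor/filemanager/browser/default/browser.html connector=../../connectors/aspx/connector.aspx - 192.0.2.55 200
2009-09-10 10:00:09 POST /cms/__utility/Telligent_Editor/editor/filemanager/connectors/aspx/connector.aspx - - 192.0.2.55 200
2009-09-10 10:01:00 POST /cms/__UTILITY/telligent_editor/editor/filemanager/connectors/aspx/connector.aspx - editor1 192.0.2.20 200
2009-09-10 10:02:00 GET /cms/__utility/Telligent_Editor/editor/styles.css - - 192.0.2.30 200
"""


def find_anonymous_filemanager_hits(log_text):
    """Return (method, path, client_ip, status) for anonymous file manager requests."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed or truncated row
        row = dict(zip(fields, values))
        # IIS paths are case-insensitive and may arrive percent-encoded.
        path = urllib.parse.unquote(row.get("cs-uri-stem", "")).lower()
        # Assumption: "-" in cs-username means the request carried no identity.
        if FILEMANAGER_PATH in path and row.get("cs-username", "-") == "-":
            hits.append((row.get("cs-method"), path, row.get("c-ip"), row.get("sc-status")))
    return hits


if __name__ == "__main__":
    for hit in find_anonymous_filemanager_hits(SAMPLE_LOG):
        print(hit)
```

Anonymous POST requests to `connector.aspx` with a 200 status are the rows to review first, together with any new files in the site's upload directories from the same time window.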