CVE-2022-29347

Arbitrary file upload vulnerability

  • Vendor: zeitprax.com / blitzprax.com
  • Product: Web@rchiv
  • Version: 1.0

An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a malicious PHP file.

To exploit the vulnerability, you have to upload a PHP file that contains PHP's shell_exec() function in order to execute local commands on the system. The application is intended for uploading documents but does not filter on file extension or anything else. As soon as a file is chosen it is uploaded immediately and a direct hyperlink to it is displayed.

Generated hyperlink before submitting the actual file
[Screenshot: upload]

Test for proper PHP code execution
[Screenshot: HelloWorld]

Output of the command "id"
[Screenshot: command]

PoC PHP file
[Screenshot: poc]
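For comparison, a hardened version of the document upload described above, as an added defensive example that is not part of this PoC or of Web@rchiv. The upload directory path, the form field name `document` and the allow-list of document types are assumptions.

```php
<?php
// Added example (not Web@rchiv code): a hardened document-upload handler.
// Assumed setup: uploads live outside the web root and are served only via a
// download script; the form field is named "document".
declare(strict_types=1);
const UPLOAD_DIR = '/var/app/uploads'; // assumed path, outside the web root
const MAX_BYTES  = 10 * 1024 * 1024;

// Allow-list of document types: extension => MIME type the bytes must have.
const ALLOWED = [
    'pdf' => 'application/pdf',
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
    'txt' => 'text/plain',
];

function store_document(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Never trust the client-supplied name: take only the extension of the
    // basename and require it to be on the allow-list (.php, .phtml, ... are rejected).
    $ext = strtolower(pathinfo(basename($file['name']), PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('file type not permitted');
    }
    // Sniff the real content type from the bytes, not from the client-controlled $_FILES['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException('content does not match extension');
    }
    // Server-chosen random name: no attacker-controlled path component and
    // no guessable location for other users' documents.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640); // readable by the app, never executable
    return $name;       // link to a download script by this id, not to the file path
}

if (isset($_FILES['document'])) {
    echo htmlspecialchars(store_document($_FILES['document']), ENT_QUOTES, 'UTF-8');
}
```

The decisive control is the storage location: because the file sits outside the web root and is only ever read back by a download script, the web server never executes it even if a polyglot slips past the extension and MIME checks.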