Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Add CVE-2019-16113: Bludit Directory Traversal Image Upload Exploit #12542
Bludit Directory Traversal Image File Upload Vulnerability
This module exploits a vulnerability in Bludit: A simple, fast, "secure", flat-file CMS. A vulnerability was found by christasa in the image uploading feature. A remote user could the uuid parameter in the upload feature in order to save a malicious payload anywhere onto the server, and then use a custom .htaccess file to bypass the file extension check, and finally get remote code execution.
Tested on Bludit
This adds an exploit module for Bludit, an open source CMS. For versions below