[CVE-2018-12053] Schools Alert Management Script - Arbitrary File Deletion #6

Open
@unh3x

=================
Schools Alert Management Script - Arbitrary File Deletion

Date: 07.06.2018
Vendor Homepage: https://www.phpscriptsmall.com/
Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/
Category: Web Application
Exploit Author: xiaotian.wang From DBAppSecurity
CVE: CVE-2018-12053

=================
Vulnerable cgi:

delete_img.php

=================
Proof of Concept:

/delete_img.php?img=./uploads/school_logos/1528360893_x1.php

Notice: there is a risk of file deletion, so you'd better test it combined with the further file upload vulnerability.

Attackers can delete any file through the 'img' parameter by using '../'.
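
Mitigation sketch (an added example, not the vendor's code and not part of the original report): canonicalise the requested path and refuse to delete anything that does not resolve to a file under the uploads directory. The function names and the temporary directory layout are hypothetical; only the uploads/school_logos path is taken from the PoC above.

```php
<?php
// Added example. resolve_inside() and delete_image() are hypothetical names;
// the real delete_img.php source is not shown in this report.

/** Return the canonical path of $img if it is a file under $baseDir, else null. */
function resolve_inside(string $baseDir, string $img): ?string
{
    if ($img === '' || strpos($img, "\0") !== false) {
        return null;                       // empty name or embedded NUL byte
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;                       // uploads directory itself is missing
    }
    // realpath() collapses "../" segments and follows symlinks;
    // it returns false when the target does not exist.
    $real = realpath($base . DIRECTORY_SEPARATOR . $img);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Compare against the base plus a trailing separator so that a sibling
    // such as ".../school_logos_old" cannot pass as ".../school_logos".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

/** Delete $img only when it resolves inside $baseDir. */
function delete_image(string $baseDir, string $img): bool
{
    $path = resolve_inside($baseDir, $img);
    return $path !== null && unlink($path);
}

// Constructed demo: a throwaway tree with one logo inside uploads and one
// file outside it. Run from the command line only.
if (PHP_SAPI === 'cli') {
    $root    = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'delimg_' . bin2hex(random_bytes(4));
    $uploads = $root . '/uploads/school_logos';
    mkdir($uploads, 0700, true);
    file_put_contents($root . '/config.php', 'constructed');
    file_put_contents($uploads . '/logo.png', 'constructed');

    var_dump(delete_image($uploads, '../../config.php')); // request with '../'
    var_dump(file_exists($root . '/config.php'));         // file outside uploads
    var_dump(delete_image($uploads, 'logo.png'));         // file inside uploads
}
```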
