OSVDB ID: 84445

Title: Joomgalaxy Component for Joomla! Add Post Image Attachment Arbitrary File Upload

Info

Disclosure: Aug 02, 2012
Discovery: Unknown

Dates

Exploit: Aug 02, 2012
Solution: Unknown

Description

Joomgalaxy Component for Joomla! contains a flaw that allows a remote user to execute arbitrary PHP code. The flaw exists because the image attachment functionality used when adding posts does not properly verify or sanitize user-uploaded files. When a .php file is uploaded, the remote system places it in a user-accessible path, and a direct request to the uploaded file then executes the script.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure
OSVDB: Web Related

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

SMI Media

Joomgalaxy Component for Joomla!

1.2.0.4

Credit: Unknown or Incomplete



Direct URL: http://osvdb.org/84445