N/A

Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/.

N/A

N/A

CMS Made Simple 'modules/FileManager/postlet/javaUpload.php' 任意本地文件上传漏洞

CMS Made Simple 1.2.4以及之前的版本中的文件管理模块中的Postlet中的javaUpload.php存在不完全黑名单漏洞。远程攻击者可以通过先上传一个文件，然后再借助对modules/FileManager/postlet/.中的文件的一个直接请求访问它，从而执行任意代码。上传的文件有一个以(1).jsp,(2).php3,(3).cgi,(4).dhtml,(5).phtml,(6).php5,或(7).jar结尾的名字。

N/A

N/A