CVE-2006-2743
Drupal 4.6.x < 4.6.7 and 4.7.0 - Arbitrary File Upload and Execution via Multiple File Extensions
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2743. PoCs published by rgod.
AI-analyzed exploit summary: This exploit targets a file upload vulnerability in Drupal <= 4.7, allowing authenticated users to upload malicious files with double extensions (e.g., .php.jpg) to bypass restrictions and achieve remote code execution (RCE). The PoC demonstrates uploading a PHP shell and executing arbitrary commands via HTTP requests.
Description
Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.