CVE-2007-5304

ELSEIF CMS Beta 0.6 - Stored Cross-Site Scripting via Multiple Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5304.

AI-analyzed exploit summary This exploit demonstrates a file upload vulnerability in Else If CMS Beta 0.6, allowing an attacker to upload a malicious PHP shell via the 'swfupload/upload.php' endpoint. The exploit constructs a multipart/form-data POST request to bypass restrictions and achieve remote code execution.

Description

Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote parameter to utilisateurs/votesresultats.php, and the (3) elseifforumtxtmenugeneraleduforum parameter to moduleajouter/depot/adminforum.php.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/4490

View Code ZIP pw:eip

This exploit demonstrates a file upload vulnerability in Else If CMS Beta 0.6, allowing an attacker to upload a malicious PHP shell via the 'swfupload/upload.php' endpoint. The exploit constructs a multipart/form-data POST request to bypass restrictions and achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Else If CMS Beta 0.6

No auth needed

Prerequisites: Network access to the target CMS · File upload endpoint accessible

MITRE ATT&CK