CVE-2009-4315

Nuggetz CMS 1.0 - Path Traversal and Arbitrary File Write via nugget Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4315. PoCs published by Amol Naik.

AI-analyzed exploit summary: This exploit demonstrates a remote code execution vulnerability in Nuggetz CMS 1.0 via unsanitized input in the 'ajaxsave.php' file. The attacker can create or overwrite files on the server by manipulating the 'nugget' and 'pagevalue' parameters, leading to arbitrary PHP code execution.

Description

Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Amol Naik · text · webapps · php
https://www.exploit-db.com/exploits/10378

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Nuggetz CMS 1.0
No auth needed
Prerequisites: Network access to the target server · Nuggetz CMS 1.0 installed
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54699
Vendor Advisory x_refsource_confirm
http://www.nuggetz.co.uk/versionhistory.htm
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37664
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/60902

Scores

EPSS 0.0202
EPSS Percentile 78.3%

Details

CWE: CWE-22
Status: published
Products (1): nuggetz/nuggetz_cms 1.0
Published: Dec 14, 2009
Tracked Since: Feb 18, 2026