CVE-2013-1668
CosCMS < 1.822 - Authenticated OS Command Injection via Uploaded File Name
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-1668. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary
This exploit demonstrates an OS command injection vulnerability in CosCMS 1.721 via the filename parameter in a file upload request. The PoC shows how arbitrary commands can be executed on the server by manipulating the filename field in a multipart/form-data POST request.
Description
The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.