CVE-2017-14841

MEDIUM

Mojoomla AMC - Arbitrary File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14841. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This is a writeup describing an arbitrary file upload vulnerability in the Annual Maintenance Contract Management System. It includes details about the vulnerable code and a proof of concept but lacks executable exploit code.

Description

Mojoomla Annual Maintenance Contract (AMC) Management System allows Arbitrary File Upload in profilesetting image handling.

Exploits (1)

exploitdb WRITEUP

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/42799

View Code ZIP pw:eip

This is a writeup describing an arbitrary file upload vulnerability in the Annual Maintenance Contract Management System. It includes details about the vulnerable code and a proof of concept but lacks executable exploit code.

Classification

Writeup 80%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Annual Maintenance Contract Management System

Auth required

Prerequisites: Access to the vulnerable endpoint · Valid user ID

MITRE ATT&CK

T1133 - External Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42799/

Scores

CVSS v3 6.5

EPSS 0.0228

EPSS Percentile 80.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-434

Status published

Products (1)

dasinfomedia/annual_maintenance_contract_management_system

Published Sep 28, 2017

Tracked Since Feb 18, 2026