This writeup details a remote file upload vulnerability in Geeklog <= v1.6.0sr2, where the image upload process fails to validate the MIME type, allowing arbitrary file uploads (e.g., JavaScript or PHP) with spoofed extensions. It also describes potential abuse scenarios, including XSS and cookie theft leading to privilege escalation.
Classification: Writeup (90%)
Target: Geeklog <= v1.6.0sr2
Auth required
Prerequisites: User account creation; browser with MIME type spoofing capability (e.g., Firefox)