CVE-2009-4140

Published: 22/12/2009 Updated: 21/11/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 780
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 up to and including 0.4.3, Woopra Analytics Plugin prior to 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.

Vulnerable Product

teethgrinder.co.uk open_flash_chart 2.0

matomo matomo 0.4.3

matomo matomo 0.2.37

matomo matomo 0.4.2

Exploits

## # This module requires Metasploit: http://metasploit.com/download # Current source: github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initialize(info={}) super(update_inf ...
# Exploit Title: ZonPHP V225 RCE Vulnerability # Google Dork: intext:"Made by SLAPER" # Date: 21-10-2013 # Exploit Author: Halim Cruzito # Vendor Homepage: wwwslaperbe # Software Link: wwwslaperbe/zonPHPv225zip # Version: v225 # Tested on: Windows 7 # PoC: <?php $url = "server/"; $path = "ofc/ofc_upload_imagephp?n ...
Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 043 Piwik Piwik 042 Piwik Piwik 041 Piwik Piwik 04 Piwik Piwik 0237 Piwik Piwik 0236 Piwik Piwik 0235 Open Web Analytics Open Web Analytics 12 ...
<?php /* OpenEMR 411 (ofc_upload_imagephp) Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: wwwopen-emrorg Affected version: 411 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management application that can run on Windows, Linux, Mac OS X, and many other platform ...
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking ...
# Exploit Title: joomla component com_civicrm remode code injection exploit # Google Dork:"Index of /joomla/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart" # Date: 20/04/2013 # Exploit Author: iskorpitx # Vendor Homepage: civicrmorg # Software Link: civicrmorg/blogs/yashodha/announcing-civicrm-422 # Version: [c ...