CVE-2013-4898

Published: 29/01/2014 Updated: 21/02/2014
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Unrestricted file upload vulnerability in the user profile page feature in the Timeline Plugin 4.2.5p9 for SocialEngine allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in public/temporary/timeline/.

Vulnerable Product

webhive timeline 4.2.5

Exploits

# Exploit Title: Sending php file in the timeline plugin cover image of SocialEngine 4.5
# Date: 2013-08-17
# Discovered by: Wesley Henrique Leite aka "spyk2r"
# Vendor Homepage: webhive.com.ua/
# Software Link: webhive.com.ua/store/product.php?id_product=46
# Version: plugin Timeline 4.2.5p9 for SocialEngine 4.5
# Vendor Notified ...

SocialEngine version 4.5 suffers from a remote shell upload vulnerability ...

Github Repositories

POC

CVE I really love it!!! All these publications were my first, today I have a slightly different view of how I should have built this path, well, it's true that we have improved over time CVE-2014-8469 PHPFOX XSS ADMINCP CVE-2013-7196 Comment on a publication set to "Only Me" CVE-2013-7195 Flag as "like" a publication set to "Only Me" CVE-2013