Authenticated arbitrary file upload to RCE
Product : Zenphoto
Affected : Zenphoto CMS - <= 1.5.7
Attack Type : Remote
login then go to plugins then go to uploader and press on the check box elFinder
then press apply , after that you go to upload then Files(elFinder) drag and drop
any malicious php code after that go to /uploaded/ and you're php code
--------------------------------------------------------------------------------------------
Zenphoto through 1.5.7 is affected by authenticated arbitrary file
upload, leading to remote code execution. The attacker must navigate to
the uploader plugin, check the elFinder box, and then drag and drop
files into the Files(elFinder)
Vulmon
Authenticated arbitrary file upload to RCE Product : Zenphoto Affected : Zenphoto CMS - <= 1.5.7 Attack Type : Remote login then go to plugins then go to uploader and press on the check box elFinder then press apply , after that you go to upload then Files(elFinder) drag and drop any malicious php code after that go to /uploaded/ and you're php code -------------------------------------------------------------------------------------------- Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder)