Exploits / Vulnerability Discovered: 2018-04-23
Type: webapps
Platform: php
This exploit / vulnerability, Drupal avatar_uploader v7.x1.0beta8 arbitrary file disclosure, is for educational purposes only; if you use it, you do so at your own risk!
#Description: This module uses Simple Ajax Uploader and provides a basic uploader panel. For more effects, you can add your own custom JavaScript, for example sliding up the edit link when the user's mouse hovers over the avatar.
#Vulnerability:
#view.php contains code to retrieve files, but no code to verify that a user is allowed to view them or to keep the user from changing the path to a location outside the uploadDir directory:
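A file lookup that performs both checks the advisory says are missing (authorization, then containment of the resolved path inside uploadDir), as an added example that is not the module's code. The function `resolve_upload()`, its parameters and the sample file names are assumptions made for illustration.

```php
<?php
// Added example, not the module's code. resolve_upload(), its parameters
// and the file names below are assumptions made for illustration.
function resolve_upload(string $uploadDir, string $requested, bool $userMayView): ?string
{
    // Check 1: the caller must already have decided this user may view files.
    if (!$userMayView) {
        return null;
    }
    // Reject empty names and NUL bytes before touching the filesystem.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() resolves "..", "." and symlinks; it returns false if absent.
    $base = realpath($uploadDir);
    $target = realpath($uploadDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $target === false || !is_file($target)) {
        return null;
    }
    // Check 2: the resolved path must stay under the resolved uploadDir.
    // The trailing separator stops "uploads_old" from matching "uploads".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($target, $prefix, strlen($prefix)) === 0 ? $target : null;
}

// Constructed sample layout in a temp directory so the script runs offline.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'avatar_demo_' . getmypid();
$uploadDir = $root . DIRECTORY_SEPARATOR . 'uploads';
mkdir($uploadDir, 0700, true);
file_put_contents($uploadDir . DIRECTORY_SEPARATOR . 'avatar.png', 'constructed image bytes');
file_put_contents($root . DIRECTORY_SEPARATOR . 'outside.txt', 'constructed file outside uploadDir');

$cases = [
    ['avatar.png', true],        // inside uploadDir, authorized user
    ['avatar.png', false],       // inside uploadDir, user not authorized
    ['../outside.txt', true],    // relative path leaving uploadDir
    ['missing.png', true],       // no such file
];
foreach ($cases as [$name, $allowed]) {
    $path = resolve_upload($uploadDir, $name, $allowed);
    printf("%-18s allowed=%-5s %s\n", $name, var_export($allowed, true), $path === null ? 'DENIED' : 'SERVED');
}

// Remove the constructed files.
unlink($uploadDir . DIRECTORY_SEPARATOR . 'avatar.png');
unlink($root . DIRECTORY_SEPARATOR . 'outside.txt');
rmdir($uploadDir);
rmdir($root);
```

Comparing the resolved path against the resolved base directory, rather than filtering `..` out of the request string, is what keeps the lookup inside uploadDir even when the name contains encoded or nested traversal sequences or a symlink.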