Exploits / Vulnerability Discovered : 2020-03-25 |
Type : webapps |
Platform : php
This exploit / vulnerability Joomla! component gmapfp 3.30 arbitrary file upload is for educational purposes only and if it is used you will do on your own risk!
# you can bypass the the restriction by uploading your file.php.png , file2.php.jpeg , file3.html.jpg ,file3.txt.jpg
# Dir File Path:
http://127.0.0.1/images/gmapfp/file.php
or
http://127.0.0.1//images/gmapfp/file.php.png
# The Joomla Gmapfp Components 3.x is allowing
# remote attackers to upload arbitrary files upload/shell upload due the issues of unrestricted file uploads