Exploits / Vulnerability Discovered: 2020-05-06
Type: webapps
Platform: php
This exploit / vulnerability, Webtareas 2.0.p8 arbitrary file deletion, is for educational purposes only; if you use it, you do so at your own risk!
- print_layout.php is vulnerable. When you send the PoC code to the server and
the file does not exist on the server, you see this error message:
<br />
<b>Warning</b>:
unlink(/Applications/XAMPP/xamppfiles/htdocs/webtareas/files/PrintLayouts/tester.png.php--1.zip):
No such file or directory in
<b>/Applications/XAMPP/xamppfiles/htdocs/webtareas/includes/library.php</b>
on line <b>1303</b><br />
- So here you can delete a file with the unlink function.
- And I did try again with another file; I deleted it from the server.
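
A defensive sketch of the deletion step, added here as an example; it is not Webtareas code and not from the original advisory. The function name deletePrintLayout and the allowlist pattern are assumptions; the sample file name is taken from the warning above. It deletes only a bare file name that resolves inside the layouts directory, and returns false for a missing file instead of letting unlink() emit a warning that discloses the server path.

```php
<?php
// Added example: hypothetical helper, not the project's own code.
function deletePrintLayout(string $baseDir, string $requestedName): bool
{
    // Resolve the storage directory once; fail closed if it is missing.
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        return false;
    }

    // Accept a bare file name only (assumed allowlist): no separators,
    // no NUL bytes, and never "." or "..".
    if (!preg_match('/\A[A-Za-z0-9._-]+\z/', $requestedName)
        || $requestedName === '.' || $requestedName === '..') {
        return false;
    }

    // realpath() returns false for a missing file, so unlink() is never
    // reached for a path that would trigger the warning shown above.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requestedName);
    if ($target === false || !is_file($target)) {
        return false;
    }

    // Containment check after symlink resolution.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return false;
    }

    return unlink($target);
}

// Constructed demo in a temporary directory (sample data, not from the page).
$root = sys_get_temp_dir() . '/wt_demo_' . bin2hex(random_bytes(4));
mkdir("$root/PrintLayouts", 0700, true);
file_put_contents("$root/PrintLayouts/tester.png.php--1.zip", 'x');
file_put_contents("$root/keep.txt", 'x');

// Existing layout archive inside the directory.
var_dump(deletePrintLayout("$root/PrintLayouts", 'tester.png.php--1.zip'));
// Name containing a path separator, pointing outside the directory.
var_dump(deletePrintLayout("$root/PrintLayouts", '../keep.txt'));
// Missing file: refused quietly, no unlink() warning.
var_dump(deletePrintLayout("$root/PrintLayouts", 'missing.zip'));
var_dump(file_exists("$root/keep.txt"));
```

In production, display_errors should also be off so that warnings like the one above are logged rather than returned to the client.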
--------------------------------------------------------------------------------------------