Joomla GMapFP J3.5 / J3.5F Arbitrary File Upload

Joomla GMapFP component versions J3.5 and J3.5F suffer from an unauthenticated arbitrary file upload vulnerability.

MD5 | 9c9258b91b93df640a00425477cf2e15

# Exploit Title: Joomla! Component GMapFP J3.5/J3.5F - Unauthenticated Arbitrary File Upload
# Google Dork: inurl:''com_gmapfp''
# Date: 2020-03-27
# Exploit Author: ThelastVvV
# Vendor Homepage:
# Version:Version J3.5 /J3.5free
# Tested on: Ubuntu
# CVE:CVE-2020-23972

# Description:

An attacker can access the upload function of the application without authenticating to the application and also can upload files due the issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions

# PoC:

Version J3.5 /J3.5free

-Once the attacker can locate the unauthenticated file upload form then the attacker can bypass the restriction by changing content-type and name file double extensions file.html.gif then can open file.html

# Impact
the attacker can upload malicious files can cause defacement of the site or uploading large amount of file til causes denial of service attack to Webapp/Server

# Dir File Path:

# Issues are fixed,Please update to Last Version

Related Posts