Full title: Oxwall 1.7.0 - Remote Code Execution Exploit Category: remote exploits Platform: php # Oxwall suffers from an authenticated arbitrary PHP code # execution. The vulnerability is caused due to the improper # verification of uploaded files in '/admin/settings/user' script # thru the 'avatar' and 'bigAvatar' POST parameters. This can be # exploited to execute arbitrary PHP code by uploading a malicious # PHP script file with '.php5' extension (to bypass the '.htaccess' # block rule) that will be stored in '/ow_userfiles/plugins/base/avatars/' # directory. # 0day.today @ http://0day.today/