Detections
Analytics
PHPFM Arbitrary File Upload
high Nessus Plugin ID 20169
Language:
Synopsis
The remote web server contains a PHP application that is prone to an arbitrary file upload vulnerability.Description
The remote host appears to be running PHPFM, a web-based file manager written in PHP.The version of PHPFM installed on the remote host allows anyone to upload arbitrary files and then to execute them subject to the privileges of the web server user id.
Solution
Set 'AllowUpload' to false in 'conf/config.inc.php' or restrict access to trusted users.See Also
https://www.securityfocus.com/archive/1/415986/30/0/threaded
Plugin Details
Severity: High
ID: 20169
File Name: phpfm_file_uploads.nasl
Version: 1.25
Type: remote
Family: CGI abuses
Published: 11/8/2005
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.1
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:phpfm:phpfm
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Exploited by Nessus: true
Vulnerability Publication Date: 11/6/2005
Reference Information
CVE: CVE-2005-4423
BID: 15335