‘Pulse CMS Arbitrary File Deletion Vulnerability’

Summary

A vulnerability was discovered in Pulse CMS, which can be exploited by malicious users to manipulate certain data.’

Credit:

‘The original article can be found at: http://secunia.com/secunia_research/2010-48/


Details

Vulnerable Systems:
 * Pulse CMS basic version 1.2.2

Immune Systems:
 * Pulse CMS basic version 1.2.3

Input passed via the ‘f’ parameter to delete.php is not properly sanitised before deleting files. This can be exploited to delete arbitrary files with the permissions of the web server via directory traversal attacks.

Successful exploitation requires authentication.

CVE Information:
CVE-2010-0989

Disclosure Timeline:
19/03/2010 – Vendor notified.
19/03/2010 – Vendor response.
24/03/2010 – Public disclosure.’

Categories: UNIX