PT-2019-11472 · Phpthumb+1 · Phpthumb+1

Agel_Nash

Published

2019-07-23

Updated

2019-10-09

CVE-2019-1010123

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: MODX Revolution Gallery version 1.7.0

Description: The issue allows creating a file with custom filename and content. It involves filtering user parameters before passing them into the phpthumb class. The attack vector is a web request via the "/assets/components/gallery/connector.php" API endpoint.

Recommendations: For MODX Revolution Gallery version 1.7.0, consider restricting access to the /assets/components/gallery/connector.php API endpoint until a patch is available. As a temporary workaround, filtering user parameters more strictly before passing them into the phpthumb class may help minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2019-1010123

Affected Products

Modx Revolution Gallery

Phpthumb

PT-2019-11472 · Phpthumb+1 · Phpthumb+1

CVE-2019-1010123

Weakness Enumeration

Related Identifiers

Affected Products

References · 5