FlashChat 6.0.2-6.0.8 - Arbitrary File Upload Vulnerability
This module exploits a file upload vulnerability found in FlashChat versions 6.0.2 and 6.0.4 to 6.0.8. Attackers can abuse the upload feature to upload malicious PHP files without authentication, which results in arbitrary remote code execution as the web server user.
FlashChat contains a flaw that allows a remote user to execute arbitrary PHP code. The flaw exists because the upload.php script does not properly verify or sanitize user-uploaded files. When a .php file is uploaded, the remote system places it in a user-accessible path. A direct request to the uploaded file then executes the script with the privileges of the web server.
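The sequence described above (an unauthenticated POST to upload.php followed by a direct GET of a script file in the upload path) leaves a recognisable trace in web server access logs. The following is an added detection example, not code from the advisory, the module or the thread; the paths /chat/upload.php and /chat/uploads/ are assumptions about where FlashChat is installed, and the log lines are constructed.

```python
import re

# Constructed Apache combined-format sample for this example (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2014:13:55:36 +0000] "POST /chat/upload.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2014:13:55:37 +0000] "GET /chat/uploads/x7f3a.php HTTP/1.1" 200 88 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2014:13:56:01 +0000] "POST /chat/upload.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2014:13:56:02 +0000] "GET /chat/uploads/photo.jpg HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
192.0.2.7 - - [10/Oct/2014:13:57:10 +0000] "GET /chat/uploads/old.php HTTP/1.1" 404 210 "-" "curl/7.30"
"""

# Minimal parser for the fields we need: client IP, method, request path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Extensions a typical PHP-enabled web server hands to the interpreter.
SCRIPT_EXTS = (".php", ".php3", ".php4", ".php5", ".phtml", ".phar")


def find_upload_exec(log_text, upload_script="/chat/upload.php", upload_dir="/chat/uploads/"):
    """Flag clients that POST to the upload script and then successfully request
    a script-extension file under the upload directory (assumed paths).
    Returns a list of (ip, path, status) tuples, one per suspicious GET."""
    uploaded_from = set()   # client IPs seen hitting the upload script
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, path, status = m.group("ip", "method", "path", "status")
        path_only = path.split("?", 1)[0]
        if method == "POST" and path_only == upload_script:
            uploaded_from.add(ip)
        elif path_only.startswith(upload_dir) and path_only.lower().endswith(SCRIPT_EXTS):
            # A script under the upload dir served with 200 to a client that just
            # uploaded is the upload-then-execute pattern; a 404 means nothing ran.
            if ip in uploaded_from and status == "200":
                findings.append((ip, path_only, int(status)))
    return findings


if __name__ == "__main__":
    for ip, path, status in find_upload_exec(SAMPLE_LOG):
        print(f"possible upload->exec: {ip} requested {path} (HTTP {status})")
```

Any script-extension file appearing under the upload directory at all is worth reviewing, even without a matching POST in the same log window.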
Same thing just happened to my forum. Was using the newest version 6.0.8.
Was such a great add-on too and it's a shame it's no longer maintained.
Did some searching and found:
http://www.rapid7.com/db/modules/exploi ... pload_exec
Maybe deleting the upload.php file will prevent the exploit?
Although, will FlashChat even work with phpBB 3.1?