Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Reported to MyCERT with the following ticket number: MyCERT-201206271021640
Tested and verified on 06/27/2012 00:30 (GMT +8)
Original report :-
##################################################
# Exploit Title: IMCE Mkdir <== Remote File Upload Vulnerability
# Date: 27/06/2012
# Author: Fahmi Fisal
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://drupal.org/project/imce_mkdir
# Google dork: inurl:"/imce?dir=" intitle:"File Browser"
# Tested on: Linux
##################################################
[~]Exploit/p0c :
Comments
Comment #1
ufku CreditAttribution: ufku commentedIt's not a bug with the module or Drupal. It's some administrators giving anonymous users access to IMCE with a profile that has upload permissions. Unfortunately, that's not limited with IMCE. You can find lots of sites where anonymous users can access to administration interfaces. Ex: search inurl:"admin/build/modules".
It's all about permissions given to anonymous users.