Vulnerabilities > CVE-2011-3833 - Unspecified vulnerability in Sitracker Support Incident Tracker 3.65

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sitracker
exploit available
metasploit

Summary

Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in an unspecified directory.

Vulnerable Configurations

Part Description Count
Application
Sitracker
1

D2sec

nameSitracker SIT File Upload
urlhttp://www.d2sec.com/exploits/sitracker_sit_file_upload.html

Exploit-Db

descriptionSupport Incident Tracker. CVE-2011-3829,CVE-2011-3833,CVE-CVE-2011-3833. Webapps exploit for php platform
fileexploits/php/webapps/18108.rb
idEDB-ID:18108
last seen2016-02-02
modified2011-11-13
platformphp
port
published2011-11-13
reportermetasploit
sourcehttps://www.exploit-db.com/download/18108/
titleSupport Incident Tracker <= 3.65 - Remote Command Execution
typewebapps

Metasploit

descriptionThis module combines two separate issues within Support Incident Tracker (<= 3.65) application to upload arbitrary data and thus execute a shell. The two issues exist in ftp_upload_file.php. The first vulnerability exposes the upload dir used to store attachments. The second vulnerability allows arbitrary file upload since there is no validation function to prevent from uploading any file type. Authentication is required to exploit both vulnerabilities.
idMSF:EXPLOIT/MULTI/HTTP/SIT_FILE_UPLOAD
last seen2020-06-07
modified2017-07-24
published2011-11-12
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/sit_file_upload.rb
titleSupport Incident Tracker Remote Command Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/106933/sit_file_upload.rb.txt
idPACKETSTORM:106933
last seen2016-12-05
published2011-11-13
reporterSecunia Research
sourcehttps://packetstormsecurity.com/files/106933/Support-Incident-Tracker-3.65-Remote-Command-Execution.html
titleSupport Incident Tracker 3.65 Remote Command Execution

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:72324
last seen2017-11-19
modified2014-07-01
published2014-07-01
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-72324
titleSupport Incident Tracker <= 3.65 Remote Command Execution