Givanz Vvveb Unrestricted File Upload Vulnerability in Media Trait
Vulnerability
A vulnerability allowing unrestricted file uploads has been identified in Givanz Vvveb versions through 1.0.7.2. The issue resides in the media.php file within the system/traits directory. The vulnerability arises because the application does not validate the new file extension when an already uploaded file is renamed. This flaw enables users to upload a file with a benign extension, such as .txt, and then rename it to a .php file, potentially leading to remote code execution.
Impact
Exploitation of this vulnerability allows for arbitrary file uploads, which can be leveraged to execute malicious scripts on the server, resulting in remote code execution.
Reproduction
To reproduce this vulnerability, first upload a text file containing a script that executes a command. After the upload, rename the file to a .php extension using the media management feature. Once the file is renamed, access it through the web server, which will execute the uploaded script, demonstrating the remote code execution capability.
Remediation
The vulnerability has been addressed in a patch that will be included in a future release. Users are advised to update to the latest version once it is available.
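The following is an added illustration of the kind of check the rename path is missing; it is not Vvveb's code or its patch. The function names, the media directory argument and the extension allowlist are assumptions chosen for the example.

```php
<?php
// Added example (not Vvveb's own code): validate the target name when a
// media file is renamed, so an uploaded .txt cannot be turned into a .php
// script. The allowlist and function names are assumptions for illustration.

const ALLOWED_MEDIA_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'txt', 'pdf'];

/**
 * Return true when $name is acceptable as a media file name:
 * - a single path component (no directory separators, no "..", no NUL)
 * - a conservative character set
 * - exactly one extension, and that extension is on the allowlist
 */
function isSafeMediaName(string $name): bool {
    // Reject path traversal, separators and embedded NUL bytes
    if ($name !== basename($name) || str_contains($name, "\0")) {
        return false;
    }
    if (!preg_match('/^[A-Za-z0-9._-]+$/', $name)) {
        return false;
    }
    $parts = explode('.', $name);
    // Require exactly "base.ext": rejects "shell.php.txt" and ".htaccess"
    if (count($parts) !== 2 || $parts[0] === '') {
        return false;
    }
    // Compare case-insensitively so "SHELL.PHP" is not waved through
    return in_array(strtolower($parts[1]), ALLOWED_MEDIA_EXTENSIONS, true);
}

/** Rename inside $mediaDir only when both names validate; false otherwise. */
function renameMedia(string $mediaDir, string $oldName, string $newName): bool {
    if (!isSafeMediaName($oldName) || !isSafeMediaName($newName)) {
        return false;
    }
    $src = $mediaDir . DIRECTORY_SEPARATOR . $oldName;
    $dst = $mediaDir . DIRECTORY_SEPARATOR . $newName;
    // Refuse to overwrite an existing file or to move anything but a regular file
    if (!is_file($src) || file_exists($dst)) {
        return false;
    }
    return rename($src, $dst);
}

// Constructed checks covering the flow described in the advisory
var_dump(isSafeMediaName('note.txt'));
var_dump(isSafeMediaName('note.php'));
var_dump(isSafeMediaName('note.php.txt'));
var_dump(isSafeMediaName('../config.txt'));
```

The same validation should run on the original upload, since a rename check alone does not help if the upload path already accepts arbitrary extensions.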
