Wolf CMS Arbitrary File Upload To Command Execution
Full Technical Disclosure Of Wolf CMS Arbitrary File Upload To Command Execution
# Exploit Title : Wolf CMS 0.8.2 Arbitrary File Upload To Command Execution
# Reported Date : 05-May-2015
# Fixed Date : 10-August-2015
# Exploit Author : Narendra Bhati
# CVE ID : CVE-2015-6567 , CVE-2015-6568
# Additional Links -
* https://github.com/wolfcms/wolfcms/releases/
* https://www.wolfcms.org/blog/2015/08/10/releasing-wolf-cms-0-8-3-1.html
1. Description