EXIF Geolocation Data Not Stripped From Uploaded Images · Issue #186 · slims/slims9 |
您所在的位置:网站首页 › php_exif › EXIF Geolocation Data Not Stripped From Uploaded Images · Issue #186 · slims/slims9 |
Describe the bug When a user uploads an image in "SLiMS 9 Bulian official source code", the uploaded image’s EXIF Geolocation Data does not gets stripped. As a result, anyone can get sensitive information of "SLiMS 9 Bulian official source code" users like their Geolocation, their Device information like Device Name, Version, Software & Software version used etc. CMS Version: v9.5.2 Affected URL: http://127.0.0.1/bulian/admin/index.php?mod=membership To Reproduce Steps to reproduce the behavior: Got to Github ( https://github.com/ianare/exif-samples/tree/master/jpg) There are lot of images having resolutions (i.e 1280 * 720 ) , and also whith different MB’s . login your admin panel and membership menu and upload photo in any member profile. see the path of uploaded image ( Either by right click on image then copy image address OR right click, inspect the image, the URL will come in the inspect , edit it as html ) open it (https://www.verexif.com/en/index.php) See whether is that still showing exif data , if it is then Report it.Proof Of Concept: You can see the Proof of Concept. which I've attached screenshots and video to confirm the vulnerability. Screenshots
Video Desktop (please complete the following information): OS: Windows 10 Browser: Google ChromeImpact This vulnerability is CRITICAL and impacts all the "SLiMS 9 Bulian official source code" customer base. This vulnerability violates the privacy of a User and shares sensitive information of the user who uploads an image on SLiMS 9 Bulian official. Let me know if any further info is required. Thanks & Regards Rahad Chowdhury Cyber Security Specialist https://www.linkedin.com/in/rahadchowdhury |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |