CVE-2017-17593
Published 2017-12-13

CVE-2017-17593: Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.

Priority: P258 · high · 7.5 (CVSS 3.0)
Exploit: EPSS 6.05% (92.5th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| simple_chatting_system_project | simple_chatting_system | — | — |
Detection & IOCs (extracted from sources)
- Monitor file upload activity to the 'uploads/' directory for PHP files (or other executable scripts) being written — the exploit deposits a date-named .php webshell under uploads/.
- Alert on POST requests to view/my_profile.php that include a multipart file upload with a PHP (or other server-side script) extension, indicating an attempt to abuse the profile picture upload functionality.
- Alert on HTTP GET/POST requests to uploads/*.php — any PHP file executed from the uploads/ directory is a strong indicator of successful exploitation and webshell access.
- The uploaded malicious file is named using a date-based pattern ([DATE].php), so filename-based blocking alone is insufficient — content-type and file-extension validation on the server side is required.
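The three alert conditions above, turned into detection logic as an added example (not code from the vulnerable project or from the record's sources). The endpoint view/my_profile.php and the uploads/ directory come from the CVE description; the script-extension regex, the event layout and all sample events are assumptions constructed for the example, and the file name is deliberately not part of any rule.

```python
import re

# Endpoint and directory come from the CVE description; the regex and event layout are assumptions.
UPLOAD_ENDPOINT = "view/my_profile.php"
UPLOADS_DIR = "uploads/"
SCRIPT_EXT = re.compile(r"\.(?:php\d?|phtml|phar)$", re.IGNORECASE)  # extend to match server config

def _norm(path: str) -> str:
    return path.lstrip("/").split("?", 1)[0]  # strip leading slashes and the query string

def check_request(method: str, path: str, content_type: str = "",
                  filename: str = "") -> "str | None":
    """Classify one HTTP request as 'upload-attempt', 'webshell-access', or None."""
    rel = _norm(path)
    # Multipart POST to the profile page whose part filename carries a script extension
    if (method.upper() == "POST" and rel == UPLOAD_ENDPOINT
            and content_type.lower().startswith("multipart/form-data")
            and SCRIPT_EXT.search(filename)):
        return "upload-attempt"
    # Any request for a script under uploads/ means a planted file is being executed
    if rel.startswith(UPLOADS_DIR) and SCRIPT_EXT.search(rel):
        return "webshell-access"
    return None

def check_new_file(relpath: str) -> "str | None":
    """Flag a script written under uploads/; the date-based name is deliberately ignored."""
    rel = _norm(relpath)
    return "script-in-uploads" if rel.startswith(UPLOADS_DIR) and SCRIPT_EXT.search(rel) else None

def scan(events: list) -> list:
    """Run both checks over a mixed list of request and file-write events; return (label, path)."""
    alerts = []
    for ev in events:
        if ev["type"] == "request":
            hit = check_request(ev["method"], ev["path"], ev.get("content_type", ""), ev.get("filename", ""))
        else:
            hit = check_new_file(ev["path"])
        if hit:
            alerts.append((hit, ev["path"]))
    return alerts

# Constructed events (not real traffic): benign image upload, script upload, file on disk, execution.
SAMPLE_EVENTS = [
    {"type": "request", "method": "POST", "path": "/view/my_profile.php",
     "content_type": "multipart/form-data; boundary=x", "filename": "avatar.png"},
    {"type": "request", "method": "POST", "path": "/view/my_profile.php",
     "content_type": "multipart/form-data; boundary=x", "filename": "profile.php"},
    {"type": "file_write", "path": "uploads/20171213-101500.php"},
    {"type": "request", "method": "GET", "path": "/uploads/20171213-101500.php"},
]
```

Feed `scan()` request records from a proxy or application log that retains the multipart part filename, plus file-creation events from the web root; the benign image upload produces no alert while the other three events each do.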
CVSS provenance
- NVD v3.0: 7.5 HIGH, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- NVD v2.0: 5.0 MEDIUM, AV:N/AC:L/Au:N/C:N/I:P/A:N
No detection rules found.
No writeups or analysis indexed.