Luftguitar CMS – Upload Arbitrary File

• Exploit Database
• 33 阅读

• 作者： Abysssec
  日期： 2010-09-13
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/14991/

• '''
  ________ __ ____
   |\/|/ __ \ /\| || |_ \ 
   | \/ | || | /\ | || | |_) |
   | |\/| | || |/ /\ \| || |_ < 
   | || | |__| / ____ \ |__| | |_) |
   |_||_|\____/_/\_\____/|____/ 
  
  http://www.exploit-db.com/moaub-13-luftguitar-cms-vulnerability-upload-arbitrary-file/
  '''
  
  Abysssec Inc Public Advisory
   
   
  Title:Luftguitar CMS Vulnerability: Upload arbitrary file
  Affected Version :Luftguitar CMS 2.0.2
  Discovery:www.abysssec.com
  Vendor	 :
  
  Demo	 :
  Download Links :http://sourceforge.net/projects/luftguitarcms/ 		
  		
  
  Description :
  ===========================================================================================
  
  This CMS have Upload arbitrary file valnerability with Image Gallery.
  
  you can upload your file with this path:
  http://Example.com/Backstage/Components/FreeTextBox/ftb.imagegallery.aspx
  
  
  Uploaded files will be placing in this path:
  
  http://Example.com/Images/ 
  
  
  ===========================================================================================