Inout Ad server Ultimate – Arbitrary File Upload

• Exploit Database
• 36 阅读

• 作者： SONIC
  日期： 2010-07-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14279/

• ==============================================================
  Inout Ad server Ultimate --Shell upload Vulnerabilty 
  ==============================================================
  
  
  Name : Inout Ad server Ultimate Shell upload Vulnerabilty
  Date : july 9,2010
  Critical Level :VERY HIGH
  vendor URL :http://www.inoutscripts.com
  Price:$197
  
  Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
  
  special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x
  
  greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com
  
  special Shoutz : my Girl Frnd [H*****] 
  
  ###################################
  I'm SONiC member from Inj3ct0r Team
  ################################### 
  Description :
  
  Inout Adserver is powerful, feature rich, fully customizable PayPerClick advertiser/publisher networking script from inoutscripts.com. Advertisers can register into adserver and can post their text or banner PayPerClick(PPC) ads. Publishers can generate html code corresponding to their preferred style and can paste it in their web site to show ads relevant to their page content. Adserver administrator can define the commission to share with publishers. Administrator can create public service ads to show them up in partner webpages irrespective of the keywords used to search or the content of the page where the ad code is placed. The entire system is template driven which allows you to easily modify the advertiser, publisher pages to match your web site look. Also the support for utf-8 encoding allows you to use any local language for your ads. 
  
  
  #######################################################################################################
  Xploit :Shell Upload Vulnerability
  
  DEMO URL http://www.site.com/inout_adserver_ultimate/ppc-new-image-ad.php
  
  Uploaded Path : http://www.site.com/inout_adserver_ultimate/ppc-banners/
  
  unpriviledged user could be Able to upload Shell and take over the control .
  
  ###############################################################################################################
  
  # ..::[ SONiC ]::.. aka the_pshyco