:: LasT_CoFFiN Was Here ::

Gw orangnya aga gemuk, item (tau manis tau ga neh..!! hehe), disinilah Tempat Gw mencurahkan perasaan dan saling berbagi..!!

Monday, June 19, 2006

Easy CMS 0.1.2 Php Shell Upload Vulnerabilities

Bug:

1)http://victim/choose_file.php

Documents

Images

Scripts

Styles

Templates

Add a directory

Add a file

2)click add a file

and upload shell.php.gif

http://victim/Repositories/shell.php.gif

Example bug video download here http://biyosecurity.be/video/easycms.rar

----------------------------------------------------------

Credit:Liz0ziM

Mail:liz0 (at) bsdmail (dot) com [email concealed]

Site:www.biyo.tk,www.biyosecurity.be

---------------------------------------------------------------

Source:

http://biyosecurity.be/bugs/easycms.txt

http://www.blogcu.com/Liz0ziM/719389/

http://liz0zim.no-ip.org/easycms.txt

posted by Evan Jaelani @ 9:28 PM 

0 Comments:

Post a Comment

<< Home