dotNETCMS v1. 3 vulnerability 0day-vulnerability warning-the black bar safety net

2009-12-17T00:00:00
ID MYHACK58:62200925646
Type myhack58
Reporter 佚名
Modified 2009-12-17T00:00:00

Description

Affected versions: dotNETCMS v1. 3

Vulnerability description: 前些 天 在 t00ls.net discussion the discovery of this system, and new cloud that vulnerability almost. By IIS6. 0 resolve get the shell. Exploit method: the article first black and white front First registered members, and then into the gallery to manage or direct call configuration/system/Upload_user. aspx upload. Format xm. asp;1.jpg File name unchanged. IIS6. 0 You can get an executable of the pony. Upload address: Userfiles/UID(3 1 9 0 3 5 7 4 3 4 3 0)/xm. asp;1.jpg

Keywords:

GG

inurl:/user/Register. aspx? SiteID=