RazorCMS 1.2.1 STABLE Shell Upload

2012-03-08T00:00:00
ID PACKETSTORM:110592
Type packetstorm
Reporter i2sec_Hyo jun Oh
Modified 2012-03-08T00:00:00

Description

                                        
                                            `# Exploit Title: RazorCMS <= 1.2.1 STABLE File Upload Vulnerability  
# Google Dork:  
# Date: 2012-02-26  
# Author: i2sec_Hyo jun Oh  
# Software Link: http://www.razorcms.co.uk/archive/core/razorCMS_core_v1_2_1_STABLE.zip  
# Version: RazorCMS 1.2.1  
# Tested on: Windows XP  
Upload a file extension did not check.  
Destination  
1. user login  
2. user upload webshell  
3. Run sebshell ----- <host>/datastore/webshell.php  
  
`