In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability

2009-07-30T00:00:00
ID SSV:11935
Type seebug
Reporter Root
Modified 2009-07-30T00:00:00

Description

No description provided by source.

                                        
                                            
                                                =======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :In-Portal v 4.3.1 Shell Upload Vulnerability

[+] D0rk : Powered by In-portal ® 1997-2009,

[+] Script site : www.in-portal.net

[+] Found by : Mr.tro0oqy  
   
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
step1: register in site 

http://www.xxx.com/path/platform/login/register.html

step2: go to your profile 

http://www.xxx.com/path/platform/my_account/my_profile.html

step3: upload shell.php

step4: get shell

http://www.xxx.com/path/kernel/images/shell.php

Demo:
-----
http://www.in-portal.net/demo
-----

Yemeni ana ;)