[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Goople Cms 1.7 Remote File Upload Vulnerability
# Published : 2008-11-23
# Author : x0r
# Previous Title : Prozilla Hosting Index (id) Remote SQL Injection Vulnerability
# Next Title : NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability


-============================================-
Autore: x0r - Evolution Team
Msn: andry2000@hotmail.it
Cms: Goople Cms 1.7
Bug: Arbitrary File Upload
Download:
http://ovh.dl.sourceforge.net/sourceforge/gooplecms/GoopleCMS_1.7.rar
-============================================-
Exploit:

Logg youself like a normal user, and then go to:

/win/content/upload.php and upload your php shell

after go to: /user/doc/shell.php

Greetz: Amore mio sono 47 giorni che stiamo insieme, 47 giorni
fantastici...sei la mia vita... A + M = L O V E
        Ti Amo Bimba Mia... 8102008

# www.Syue.com [2008-11-23]