[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Goople Cms 1.7 Remote File Upload Vulnerability
# Published : 2008-11-23
# Author : x0r
# Previous Title : Prozilla Hosting Index (id) Remote SQL Injection Vulnerability
# Next Title : NetArtMedia Cars Portal 2.0 (image.php id) SQL Injection Vulnerability
-============================================-
Autore: x0r - Evolution Team
Msn: andry2000@hotmail.it
Cms: Goople Cms 1.7
Bug: Arbitrary File Upload
Download:
http://ovh.dl.sourceforge.net/sourceforge/gooplecms/GoopleCMS_1.7.rar
-============================================-
Exploit:
Logg youself like a normal user, and then go to:
/win/content/upload.php and upload your php shell
after go to: /user/doc/shell.php
Greetz: Amore mio sono 47 giorni che stiamo insieme, 47 giorni
fantastici...sei la mia vita... A + M = L O V E
Ti Amo Bimba Mia... 8102008
# www.Syue.com [2008-11-23]