Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
# Published : 2008-08-11
# Author : Stack
# Previous Title : ZeeBuddy 2.1 (bannerclick.php adid) SQL Injection Vulnerability
# Next Title : Ovidentia 6.6.5 (item) Remote SQL Injection Vulnerability

Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
cript : Ppim v1.0
Download : http://scripts.ringsworld.com/organizers/ppim.zip
By Stack
Poc 1: change password
for change password go to this link
http://localhost/ppim/changepassword.php
writhe your password and confirm it

Poc 2 : upload
http://localhost/ppim/upload.php
you can upload you php shell in this link
after you go here
http://localhost/ppim/shell.php

# www.Syue.com [2008-08-11]