Bugtraq mailing list archives
WikiWebWeaver 1.1 beta Upload Shell Vulnerability
From: yollubunlar () yollubunlar org
Date: 1 Aug 2007 09:40:38 -0000
Yollubunlar.Org -------------------------------------------------------------------------------- Title : WikiWebWeaver 1.1 beta Upload Shell Upload Vulnerability -------------------------------------------------------------------------------- #Author: Yollubunlar.Org #cont@ct: yollubunlar () hotmail com -------------------------------------------------------------------------------- Affected software description : -------------------------------------------------------------------------------- Application : WikiWebWeaver 1.1 -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- Exploit: WikiWebWeaver 1.0 beta 2 Script Have Upload part and you can upload only gif,jpeg lol :D but you can upload gif.php or psd.php http://www.site.com/wiki_path/index.php?upload we upload a .gif.php or others than our shell go http://www.site.com/wiki_path/data/documents/ourshell.gif.php :) -------------------------------------------------------------------------------- greets:Yollubunlar.Org -------------------------------------------------------------------------------- --------------------------------- [Yollubunlar.Org ] --------------------------------------
Current thread:
- WikiWebWeaver 1.1 beta Upload Shell Vulnerability yollubunlar (Aug 01)