Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: CMS / Portals :: b06-3154.htm

Easy CMS 0.1.2 Php Shell Upload Vulnerabilities



Easy CMS 0.1.2 Php Shell Upload Vulnerabilities
Easy CMS 0.1.2 Php Shell Upload Vulnerabilities



Easy CMS 0.1.2 Php Shell Upload Vulnerabilities =0D
----------------------------------------------------=0D
site:http://sourceforge.net/projects/php-easy-cms/=0D 
demo:http://www.easy-cms.be/=0D 
--------------------------------------------------=0D
Bug:=0D
=0D
1)http://victim/choose_file.php=0D 
=0D
=0D
  Documents =0D
 =0D
  Images =0D
 =0D
  Scripts =0D
 =0D
  Styles =0D
 =0D
  Templates =0D
 =0D
  Add a directory =0D
 =0D
  Add a file =0D
=0D
=0D
2)click add a file =0D
=0D
and upload shell.php.gif =0D
=0D
http://victim/Repositories/shell.php.gif=0D 
=0D
=0D
Example bug video download here http://biyosecurity.be/video/easycms.rar=0D 
=0D
=0D
 =0D
----------------------------------------------------------=0D
Credit:Liz0ziM=0D
Mail:liz0@bsdmail.com=0D 
Site:www.biyo.tk,www.biyosecurity.be=0D 
=0D
---------------------------------------------------------------=0D
Source:=0D
=0D
http://biyosecurity.be/bugs/easycms.txt=0D 
http://www.blogcu.com/Liz0ziM/719389/=0D 
http://liz0zim.no-ip.org/easycms.txt=0D 
=0D
=0D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH