|
Hello,,=0D
=0D
E-Vision CMS Multible Remote injections (SQL and File upload)=0D
=0D
Discovered By : HACKERS PAL=0D
Copy rights : HACKERS PAL=0D
Website : http://www.soqor.net=0D
Email Address : security@soqor.net=0D
=0D
=0D
upload any file=0D
=0D
admin/x_image.php=0D
this file is used to upload files and it does not check the permission=0D
=0D
This file can be used to upload any file to the dir /imagebank=0D
replace http://localhost/evision_cms/ to the website dir and choose any file to upload it will be uploaded=0D
=0D