ZEEJOBSITE v2.0 remote file Upload author: ZoRLu msn: trt-turk@hotmail.com home: www.z0rlu.blogspot.com dork: "Copyright-2008@zeejobsite.com" date: 08/11/2008 ( aha simdi gönderiyorum saat 10:40 : ) ) first register to site you add this code your shell to head GIF89a; example your_shell.php: GIF89a; <? ... ... ... ?> and save your_sheell.php after jobseekers login to site ( direckt link: localhost/jobseekers/jobseekerloginpage.php ) and you edit your profile ( direckt link: http://localhost/jobseekers/editresume_next.php?rid=[id] ) add your photo ( you_shell.php upload ) after open new page you right clik your photo and select to properties copy photo link and paste your explorer go your shell your_shell: localhost/script_path/jobseekers/logos/[id].php example for demo: user: sabrina passwd: testing: login: http://zeejobsite.com/jobseekers/jobseekerloginpage.php change profile direckt link: http://zeejobsite.com/jobseekers/editresume_next.php?rid=47 and your_shell link: http://zeejobsite.com/jobseekers/logos/7271406.php thanks: str0ke & yildirimordulari.org & darkc0de.com # milw0rm.com [2008-11-08]
Related Exploits
Trying to match CVEs (1): CVE-2008-6913Trying to match OSVDBs (1): 56889
Other Possible E-DB Search Terms: Zeeways ZeeJobsite 2.0, Zeeways ZeeJobsite
| Date | D | V | Title | Author |
|---|---|---|---|---|
| 2009-12-10 |  |
|
Zeeways ZeeJobsite - 'basic_search_result.php' Cross-Site Scripting | bi0 |
| 2008-08-15 | |
|
Zeeways ZeeJobsite 2.0 - 'adid' Parameter SQL Injection | Hussin X |