Goople CMS 1.7 - Arbitrary File Upload

EDB-ID:

7197

CVE:

N/A

Author:

x0r

Type:

webapps

Platform:

PHP

Published:

2008-11-23

-============================================-
Autore: x0r - Evolution Team
Msn: andry2000@hotmail.it
Cms: Goople Cms 1.7
Bug: Arbitrary File Upload
Download:
http://ovh.dl.sourceforge.net/sourceforge/gooplecms/GoopleCMS_1.7.rar
-============================================-
Exploit:

Logg youself like a normal user, and then go to:

/win/content/upload.php and upload your php shell

after go to: /user/doc/shell.php

Greetz: Amore mio sono 47 giorni che stiamo insieme, 47 giorni
fantastici...sei la mia vita... A + M = L O V E
        Ti Amo Bimba Mia... 8\10\2008

# milw0rm.com [2008-11-23]