Access2asp - 'imageLibrar' Arbitrary File Upload

EDB-ID:

8132

CVE:

N/A


Platform:

ASP

Published:

2009-03-02

                         ||          ||   | ||        
                   o_,_7 _||  . _o_7 _|| 4_|_||  o_w_,
                  ( :   /    (_)    /           (   .  


################################################################
#           upload shell
#
#           Found by ::: mr.al7rbi
#
#           Contact  ::: n16 [at] live.com
#
#           my Group ::: islam-defenders Team
#
################################################################


[+] Title: imageLibrary


[dork]

inurl:"default_Image.asp"

[+] EXPLOITS:

http://www.site.com/imageLibrary//admin/images/default_Image.asp

[exp:]  

http://www.davidhalpernmd.com/manage_tbps/default_Image.asp

[demo]

]http://www.access2asp.com/imageLibraryDemo/admin/images/default_Image.asp

[shell be like ]

http://www.access2asp.com/imageLibraryDemo/admin/images/win.asp


[+] Special  Greetz for :  www.sec-code.com

[+] Greetz : MaTrEx  & samkmk.almkkar & 3lo0osh  &  ili The General ili & Super-Code & BxH &all tryag members & all muslims

# milw0rm.com [2009-03-02]