38 lines
No EOL
1.1 KiB
Text
38 lines
No EOL
1.1 KiB
Text
'''
|
|
__ __ ____ _ _ ____
|
|
| \/ |/ __ \ /\ | | | | _ \
|
|
| \ / | | | | / \ | | | | |_) |
|
|
| |\/| | | | |/ /\ \| | | | _ <
|
|
| | | | |__| / ____ \ |__| | |_) |
|
|
|_| |_|\____/_/ \_\____/|____/
|
|
|
|
http://www.exploit-db.com/moaub-13-luftguitar-cms-vulnerability-upload-arbitrary-file/
|
|
'''
|
|
|
|
Abysssec Inc Public Advisory
|
|
|
|
|
|
Title : Luftguitar CMS Vulnerability: Upload arbitrary file
|
|
Affected Version : Luftguitar CMS 2.0.2
|
|
Discovery : www.abysssec.com
|
|
Vendor :
|
|
|
|
Demo :
|
|
Download Links : http://sourceforge.net/projects/luftguitarcms/
|
|
|
|
|
|
Description :
|
|
===========================================================================================
|
|
|
|
This CMS have Upload arbitrary file valnerability with Image Gallery.
|
|
|
|
you can upload your file with this path:
|
|
http://Example.com/Backstage/Components/FreeTextBox/ftb.imagegallery.aspx
|
|
|
|
|
|
Uploaded files will be placing in this path:
|
|
|
|
http://Example.com/Images/
|
|
|
|
|
|
=========================================================================================== |