bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/13892.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

33 lines
No EOL
1 KiB
Text
Raw Blame History

Name : PHPAuctionSystem Upload Vulnerability
Date : june, 16 2010
Vendor url :http://www.phpauctions.info/
Critical Level : HIGH
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,gunslinger_
greetz to :All ICW members and my friends :) luv y0 guyz
#######################################################################################################
PHPAuctionSystem had various vulnerablities which was found
#######################################################################################################
Xploit:Upload Vulnerability
Step 1: register as a user :)
Step 2: goto "sell an item" option
DEMO URL :http://[site]/select_category.php?
Step 3: post ur evil-code in the item description
Step 4:check your item and ur evil script is executed and upload your shell and enjoy :P
demo url :http://[site]/sell.php :)
###############################################################################################################
# 0day no more
# Sid3^effects
Reference in a new issue View git blame Copy permalink