bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7884.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1 KiB
Text
Raw Blame History

[~] Flax Article Manager 1.1 Remote File Upload Vulnerability
[~]
[~] ----------------------------------------------------------
[~] Discovered By: S.W.A.T. svvateam@yahoo.com
[~]
[~] Home: www.batlagh.com
[~]
[~] Script Page: http://www.clixint.com/products/articles
[~]
[~] Dork: Copyright 2006 © Flax Article Manager v1.1
[~] -----------------------------------------------------------
Xpl:
1.First Register Into The Site ( link: www.site.com/[path]/register.php )
2.Login With Your Username & Password
3.Choose A Picture For Your Avatar You Can Use All Extention File Ex: c99.php
[In Edit Profile] Or [Register Page] You Can Select The File
4.Your Shell Will Be Appear In This Folder ( link: www.site.com/[path]/images/author_pics/[random id]_avatar.php )
5.Go To This Url: www.site.com/[path]/profile.php?author_id=[Your Author ID] Then Right Click On The Pic And Use Properties To Find Out The Link Of Shell Script
6.Hack The Site ;)
Demo:
http://www.articlesitedemo.com
[~] Me:
I'll Be A C I D A L !!!
# milw0rm.com [2009-01-27]
Reference in a new issue View git blame Copy permalink