InterPhoto Images Upload

2015.11.01

Credit: Tonel Team

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:interphoto?id=

 ######################
# Exploit Title : InterPhoto Images
# Exploit Author : Tonel  Team
# Vendor Homepage : http://www.interphoto.es/
# Google Dork : inurl:interphoto?id=
# Date: 01/11/2015
# Tested On : Windows8.1/Google chrome
# Version : All Version
######################
# Describe :
# At The First Search Dork And Choose A Target
# Then You Have To Registeration.
# When You Do It,you Will Go To The Upload Piece In Your Target.
# Then you Have To Enter the switch HTML And Insert your Code Deface Page And Select A Name For Your File.
# Then You Select A Image From Your System And Enter The Save.
# Your Deface Page Is In Home Address.
# Deface Page.
# Demo Site(s):
# http://www.parsibecXhat.com/gallery/index.php
# http://www.fscedu.Xnet/interphoto/index.php
# http://demo.opensXourcecms.com/interphoto/index.php
# http://hooshangnXews.com/pic/index.php
# http://pic.handhXits.com/index.php
# http://www.taXtabjd.com/photo/
######################
# discovered by : Zeus_Syborg
######################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

InterPhoto Images Upload

Dork: inurl:interphoto?id=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.