| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 18 Jun 2006 15:41:37 -0000 From: liz0@...mail.com To: bugtraq@...urityfocus.com Subject: Easy CMS 0.1.2 Php Shell Upload Vulnerabilities Easy CMS 0.1.2 Php Shell Upload Vulnerabilities ---------------------------------------------------- site:http://sourceforge.net/projects/php-easy-cms/ demo:http://www.easy-cms.be/ -------------------------------------------------- Bug: 1)http://victim/choose_file.php Documents Images Scripts Styles Templates Add a directory Add a file 2)click add a file and upload shell.php.gif http://victim/Repositories/shell.php.gif Example bug video download here http://biyosecurity.be/video/easycms.rar ---------------------------------------------------------- Credit:Liz0ziM Mail:liz0@...mail.com Site:www.biyo.tk,www.biyosecurity.be --------------------------------------------------------------- Source: http://biyosecurity.be/bugs/easycms.txt http://www.blogcu.com/Liz0ziM/719389/ http://liz0zim.no-ip.org/easycms.txt
Powered by blists - more mailing lists