Easy CMS 0.1.2 Php Shell Upload Vulnerabilities

liz0 Mon, 19 Jun 2006 15:25:42 -0700

Easy CMS 0.1.2 Php Shell Upload Vulnerabilities 

----------------------------------------------------


site:http://sourceforge.net/projects/php-easy-cms/

demo:http://www.easy-cms.be/

--------------------------------------------------

Bug:


1)http://victim/choose_file.php



  Documents 

 

  Images 

 

  Scripts 

 

  Styles 

 

  Templates 

 

  Add a directory 

 

  Add a file 



2)click add a file 


and upload shell.php.gif 


http://victim/Repositories/shell.php.gif



Example bug video download here http://biyosecurity.be/video/easycms.rar



 

----------------------------------------------------------

Credit:Liz0ziM

Mail:[EMAIL PROTECTED]

Site:www.biyo.tk,www.biyosecurity.be


---------------------------------------------------------------

Source:


http://biyosecurity.be/bugs/easycms.txt

http://www.blogcu.com/Liz0ziM/719389/

http://liz0zim.no-ip.org/easycms.txt

Easy CMS 0.1.2 Php Shell Upload Vulnerabilities

Reply via email to