BugTraq
Back to list
|
Post reply
# MHG Security Team --- OzzyWork Gallery Upload Vulnerabilities
May 09 2006 11:37AM
Dj_ReMix_20 hotmail com
# Milli-Harekat Advisory ( www.milli-harekat.org )
# OzzyWork Gallery Upload Vulnerabilities
# Risk : High
# Class: Remote
# Script : OzzyWork Gallery All Version
# Credits : Dj ReMix
# Thanks : ßy Korsan , ESKOBAR , Poizonb0x , TR_IP
OzzyWork Gallery pictures upload page :
www.victim.com/[Ozzywork Path ]/add.asp
Vulnerable Code : onSubmit="checkFileUpload(this,'GIF,JPG,JPEG,BMP,PNG',true,'',150,100,64
0,480,'PIC_WIDTH','PIC_HEIGHT');return document.MM_returnValue
This Code Deleted and All file Type upload...
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
# OzzyWork Gallery Upload Vulnerabilities
# Risk : High
# Class: Remote
# Script : OzzyWork Gallery All Version
# Credits : Dj ReMix
# Thanks : ßy Korsan , ESKOBAR , Poizonb0x , TR_IP
OzzyWork Gallery pictures upload page :
www.victim.com/[Ozzywork Path ]/add.asp
Vulnerable Code : onSubmit="checkFileUpload(this,'GIF,JPG,JPEG,BMP,PNG',true,'',150,100,64
0,480,'PIC_WIDTH','PIC_HEIGHT');return document.MM_returnValue
This Code Deleted and All file Type upload...
[ reply ]