BugTraq
Avsarsoft Matbaa Script - Multiple Vulnerabilities Apr 23 2015 12:49PM
ZoRLu Bugrahan (zorlu milw00rm com)
Hi guys,

Avsarsoft Matbaa Script - Multiple Vulnerabilities

Thanks,

ZoRLu

#Title : Avsarsoft Matbaa Script - Multiple Vulnerabilities

#Author : ZoRLu / zorlu (at) milw00rm (dot) com

#Website : milw00rm.com / milw00rm.net / milw00rm.org

#Twitter : https://twitter.com/milw00rm or @milw00rm

#Test : Windows7 Ultimate

#Discovery : 15/04/15

#Publish : 23/04/15

#Thks : exploit-db.com, packetstormsecurity.com, securityfocus.com, sebug.net, cxsecurity.com and others

#BkiAdam : Dr.Ly0n, KnocKout, LifeSteaLeR, Nicx

#Demo : http://avsarsoft.com/matbaa/

#Demo User : sop08574 (at) qisdo (dot) com

#Demo Pass : 123456

1) Remote File Upload Vulnerability

Go here:

localhost/path/index.php?Git=KartvizitTasarla

localhost/path/index.php?Git=BrosurTasarla

localhost/path/index.php?Git=DavetiyeTasarla

Then click "Resim Ekle".

Select your PHP file and wait for the upload.

Then go here for your PHP file:

localhost/path/upload/file.php

2) Multiple XSS Vulnerabilities

Register on the site:

localhost/path/index.php?Git=UyeOl

Then log in:

localhost/path/index.php?Git=Uyelik

Then go here and add your XSS code:

localhost/path/index.php?Git=KontrolPaneli&Sayfa=KisiselBilgilerim

localhost/path/index.php?Git=KontrolPaneli&Sayfa=AdresBilgilerim

localhost/path/index.php?Git=KontrolPaneli&Sayfa=Yorumlar
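
A defensive counterpart to the two findings above, as an added example that is not part of the original post and not Avsarsoft's code: an image-upload handler that decides the file type from its content and assigns its own name and extension, plus an output-encoding helper for the profile, address and comment fields. The function names, the 2 MB limit and the destination directory are assumptions.

```php
<?php
// Added example (hypothetical names throughout); not the vendor's code.

const ALLOWED_IMAGE_TYPES = [   // detected MIME type => extension we assign
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

// $file is one entry of $_FILES; returns the stored file name.
function store_uploaded_image(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > 2 * 1024 * 1024) {      // assumed size limit
        throw new RuntimeException('file too large');
    }

    // Decide the type from the file's bytes, never from the client-supplied
    // file name or Content-Type header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset(ALLOWED_IMAGE_TYPES[$mime])
        || getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not an accepted image');
    }

    // Server-chosen random name and allowlisted extension: the original
    // name (for example "file.php") is discarded entirely.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$mime];
    if (!move_uploaded_file($file['tmp_name'], $destDir . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}

// Encode user-supplied values (personal details, address, comments)
// whenever they are written into an HTML page.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
```

The upload directory should also be configured so the web server never executes scripts from it, which limits the impact if a validation step is bypassed.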
