Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17025
HistoryMay 15, 2007 - 12:00 a.m.

ImI image file inclusion in script upload

2007-05-1500:00:00
vulners.com
64
JSON

w2box: web 2.0 File Repository (Upload)

Script Code Source http://labs.beffa.org/w2box/

Dork : "powered by w2box"

Discovered by 4ur3v0ir

#Homepage Four: http://www.security-frog.org http://www.c-group.org
http://hslteam.org

Greetz To:NINF,frat2005,komtec1,kakalake,AntraX,fr34k And Staff


Exploit:

http://wwww.homepage.com/w2box/

Upload a file with the extension .php.jpg to obtain shell in the system

http://www.homepage.com/w2box/data/file.php.jpg

JSON