[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Phorm v3.0 Remote File Upload Vulnerability

To: ilkerkandemir@xxxxxxxxx
Subject: Re: Phorm v3.0 Remote File Upload Vulnerability
From: security curmudgeon <jericho@xxxxxxxxxxxxx>
Date: Fri, 7 Dec 2007 02:24:20 +0000 (UTC)

: # Phorm v3.0  Remote File Upload Vulnerability
: 
: # ilker kandemir <ilkerkandemir[at]mynet.com>
: 
: 
: # Exploit: http://[site]/[phorm_path]/lib/fileupload.php           [+]=====>> 
upload your shell.php
: 
: # http://[site]/[phorm_path]/files/phpshell.php

This also won't work unless an administrator makes changes to 
intentionally compromise the installation.

http://attrition.org/pipermail/vim/2007-July/001735.html

Prev by Date: [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS
Next by Date: R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities
Previous by thread: [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS
Next by thread: R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities
Index(es):
- Date
- Thread