0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Joomla Front-End Article Manager System Upload Vulnerability
[============================================================ Joomla Front-End Article Manager System Upload Vulnerability ============================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ########################################## 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 ########################################## 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla Front-End Article Manager System Upload Vulnerability Date : july 4,2010 Critical Level : HIGH vendor URL :http://b-elektro.no/ Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com> special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_ greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz ####################################################################################################### Description: The Front-end article manager system is a simple and very powerful extention, that allows users to manage articles directly from front-end. The system is an article manager that povides various of features, like management of articles,create,edit,delete, publish, approval, notification etc. The system also provides some access control based on user groups or individual users.This gives you the opportunity to create personal blogs, front-end approvement systems, create submition restriction and so on. The users and administrator of the site no longer need to use, or learn how to navigate in back-end to manage articles. The system consists of two modules for creating and deleting articles, and a template overrider. ####################################################################################################### Xploit :Upload Vulnerability DEMO URL :http://b-elektro.skj.no/ Step 1 : Register :D Step 2 : Now go to your page and select "NEW " DEMO URL:http://b-elektro.skj.no/index.php?view=article&id=9312&task=edit&option=com_content&ret=aHR0cDovL2ItZWxla3Ryby5za2oubm8vaW5kZXgucGhwP29wd Glvbj1jb21fY29udGVudCZ2aWV3PWNhdGVnb3J5JmxheW91dD1ibG9nJmlkPTExJkl0ZW1pZD0xOA== Step 3 : Now upload the evil php script in the text place :P Step 4 : now check your blog and upload the shell DEMO URL :http://b-elektro.skj.no/index.php?option=com_content&view=category&layout=blog&id=11&Itemid=18 ############################################################################################################### # 0day no more # Sid3^effects # 0day.today [2024-12-23] #