[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

RazorCMS <= 1.2.1 STABLE File Upload Vulnerability

Author
i2sec
Risk
[
Security Risk High
]
0day-ID
0day-ID-17639
Category
web applications
Date add
08-03-2012
Platform
php
# Exploit Title: RazorCMS <= 1.2.1 STABLE File Upload Vulnerability
# Google Dork:
# Date: 2012-02-26
# Author: i2sec_Hyo jun Oh
# Software Link: http://www.razorcms.co.uk/archive/core/razorCMS_core_v1_2_1_STABLE.zip
# Version: RazorCMS 1.2.1
# Tested on: Windows XP
Upload a file extension did not check.
Destination
1. user login
2. user upload webshell
3. Run sebshell  ----- <host>/datastore/webshell.php



#  0day.today [2024-12-24]  #