Inout Article base Ultimate Shell upload Vulnerabilty
Posted on 06 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Inout Article base Ultimate Shell upload Vulnerabilty </title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>===================================================== Inout Article base Ultimate Shell upload Vulnerabilty ===================================================== Name : Inout Article base Ultimate Shell upload Vulnerabilty Critical Level :VERY HIGH vendor URL :http://www.inoutscripts.com Price:$197 Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com> special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com special Shoutz : my Girl Frnd [H*****] ####################################################################################################### Description : ? ??? Inout Article Base is a powerful, feature rich, fully customizable article script from inoutscripts.com. This is a highly Search Engine Optimized script which helps you to publish unlimited number of articles. The entire system is template driven which allows you to easily modify the public pages to match your web site look. If you are serious about your online business, help yourself driving traffic from search engines into your website with Inout Article Base. ####################################################################################################### Xploit :Shell Upload Vulnerability DEMO URL http://www.inoutdemo.com/inout_article_base_ultimate/member/newarticle Uploaded Path : http://www.inoutdemo.com/inout_article_base_ultimate/admin/pictures/692/ unpriviledged user could be Able to upload Shell and take over the control . ############################################################################################################### # ..::[ SONiC ]::.. aka the_pshyco # profile http://inj3ct0r.com/author/2545 # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-06]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
