Ceica Groupware 1.5 Arbitrary Remote File Upload Vulnerability

2010-06-04 15:01:54

# Tilte: Ceica Groupware 1.5 Remote File Upload Vulnerability
# Date....................: [03-06-2010]
# Author..................: [Ma3sTr0-Dz]
# Location ...............: [Algeria]
# Software ...............: [Ceica Groupware 1.5]
# Site Software ..........: [http://sourceforge.net/project/platformdownload.php?group_id=201974]
# Sptnx ..................: [CmOs_CLR & ALL Sec4ever.com Memberz.]
# Home : .................: [Www.Sec4ever.Com]# Contact me : ...........: [[email protected]]
# Vulnerability: Remote File Upload .
# Part ExplOit & Bug Codes : ---

http://localhost/[Ceica]/FileBrowser.php
http://localhost/[Ceica]/multiple_upload_ac.php
http://localhost/[Ceica]/filebrowser/multiple_upload.php


you for use this exploit . you must your shell file exists in exploit directory
then excute exploit you find your shell in below link

www.example.com/[Ceica]/images/1.gif.php
www.example.com/[Ceica]/images/[shell][.php]

---
Contact: [email protected] or visit our home : sec4ever.com/home for more localz root & shell codes .

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.