Image Gallery uploader

2012-10-05 01:21:59
Posted by: Siavash_BHG

##################################################
Image Gallery uploader
##################################################
# Exploit Title :Image Gallery uploader
# Google Dork: inurl:documents/htmlarea/insert_image.php 0r "documents/htmlarea"
#Exploit:lpcalhost/documents/htmlarea/insert_image.php
#Upload header : Tamper Data USe
#Author: BHG Security Center
# Home: http://cc.black-hg.org/ - http://greyh4t.com/cc/
# Tested on: [linux+apache]
# Finder(s):Siavash ([email protected])
# Examle:
http://www.artebec.cl/documents/htmlarea/insert_image.php
http://wwwview.ciqa.mx:8080/SPM2006/documents/htmlarea/insert_image.php?textareaname=ipreview
http://okamatraining.com/documents/htmlarea/insert_image.php
##################################################
[-] Disclosure timeline:
[04/08/2011] - Vulnerabilities discovered
[14/10/2011] - Others vulnerabilities discovered
[15/10/2011] - Issues reported to http://black-hg.org/
[04/09/2012] - Public disclosure
# Greets To :
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t
~ Mr.XHat ~ Dj.TiniVini ~ Siamak.Black ~ 0x0ptim0us THANKS TO ALL Iranian HackerZ ./Persian Gulf
===========================================[End]=============================================

Fixes

No fixes

In order to submit a new fix you need to be registered.