RazorCMS 1.2.1 STABLE - Arbitrary File Upload
| EKU-ID: 24304 | CVE: OSVDB-80619 | OSVDB-ID: |
| Author: i2sec_Hyo jun Oh | Published: 2012-03-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 24304 | CVE: OSVDB-80619 | OSVDB-ID: |
| Author: i2sec_Hyo jun Oh | Published: 2012-03-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: RazorCMS <= 1.2.1 STABLE File Upload Vulnerability # Google Dork: # Date: 2012-02-26 # Author: i2sec_Hyo jun Oh # Software Link: http://www.razorcms.co.uk/archive/core/razorCMS_core_v1_2_1_STABLE.zip # Version: RazorCMS 1.2.1 # Tested on: Windows XP Upload a file extension did not check. Destination 1. user login 2. user upload webshell 3. Run sebshell ----- <host>/datastore/webshell.php