CloudShare version 1.6 suffers from a remote shell upload vulnerability.
0abe220826a82493d6abfa4005f6e2e83165291ef60fd60d795d18f342d1f1ab
========================================================================
| # Title : CloudShare v1.6 Shell upload vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 8.1 FranASSais V.(Pro)
| # Version : v1.6
| # Vendor : https://www.nulled-scripts.com/cloudshare-v1-6-online-file-sharing-application-php-script/
| # Dork : n/a
========================================================================
poc :
upload any file extension and go to
http://127.0.0.1/Application%20Files/application/storage/
app/1863396291/1475150992-ahmad.php
Greetz :
aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau! aua'degauaua'*oauaua'degau ------
|
jericho * Larry W. Cashdollar * moncet-1 * achraf.tn |
|
===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================