all things security

SOA - School Management System 3.0 Shell Upload

SOA - School Management System 3.0 Shell Upload
Posted Sep 2, 2017
Authored by Ali BawazeEer

SOA - School Management System version 3.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 2fe2cdfd6210b32a06189f8002f9cb10

SOA - School Management System 3.0 Shell Upload

Change Mirror Download

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

<!--
# Exploit Title: SOA - School Management System 3.0 - Arbitary file upload
# Exploit Author: Ali BawazeEer || https://sa.linkedin.com/in/alibawazeeer
# Dork: N/A
# Date: 2.09.2017
# Vendor Homepage : https://ynetinteractive.com/
# Software Link: http://codecanyon.net/item/soa-school-management-software-with-integrated-parents-students-portal/20435367?s_rank=3
# Demo: http://demo.ynetinteractive.com/soa/
# version 3.0
# Category: Webapps /php
# Tested on: mozila firefox
#
#
--!>

# ========================================================
#
#
# SOA - School Management System 3.0 - Arbitary file upload
#
# Description : attacker who has access to the administrative panel can upload arbitray file which may lead to total compromise of the web server
#
# Proof of Concept : -
#
# http://localhost/soa/administrator/Gallery.php
#
# upload shell in php no filter for file extenstion in place
#
# /soa/administrator/Gallery.php?album=1
# http://localhost/soa/media/uploads/your shell.php
#
# Risk : authenticated attacker will be able to compromise the entire server
#
#
# ========================================================
# [+] Disclaimer
#
# Permission is hereby granted for the redistribution of this advisory,
# provided that it is not altered except by reformatting it, and that due
# credit is given. Permission is explicitly given for insertion in
# vulnerability databases and similar, provided that due credit is given to
# the author. The author is not responsible for any misuse of the information contained
# herein and prohibits any malicious use of all security related information
# or exploits by the author or elsewhere.
#
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close