exploit the possibilities

Vacation Rental Script 4.0 Shell Upload

Vacation Rental Script 4.0 Shell Upload
Posted Dec 20, 2010
Authored by Br0ly

Vacation Rental Script versions 4.0 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 915fa36d5903a61aafaf7dcadc5ea10b

Vacation Rental Script 4.0 Shell Upload

Change Mirror Download
Script Name: Vacation Rental Script <= 4.0
Site: http://www.vacationrentalscript.com/

Bug: Upload Shell
Found: Br0ly
google dork: "2006 - 2009 Vacation Rental Script" BraZIL!!

You need register a account first so:

Signup: http://server/signup

Cheek your email for login and password

So login in:

http://server/members/login

After login:
Go to:

http://server/members/profile

at the bottom of the page you can upload a logo why not a lithe and nice
shell?

Upload a shell type: shell.php.jpg or shell.php.jpeg

after upload:

http://server/public/upload/logos/youshell.php.jpg

Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close