Showing 1 - 2 of 2

Files from Ashoo

PHP Volunteer Management System v1.0.2 Arbitrary File Upload: Posted May 31, 2012; Authored by sinn3r, Ashoo | Site metasploit.com; This Metasploit module exploits a vulnerability found in PHP Volunteer Management System, versions 1.0.2 and prior. This application has an upload feature that allows an authenticated user to upload anything to the 'uploads' directory, which is actually reachable by anyone without a credential. An attacker can easily abuse this upload functionality first by logging in with the default credential (admin:volunteer), upload a malicious payload, and then execute it by sending another GET request.; tags | exploit, php; SHA-256 | a9247fc86c26d352083bf798cdd011abca8e533b47fe3653ae48f91b1a8c9e3b; Download | Favorite | View

PHP Volunteer Management System 1.0.2 Cross Site Scripting / Shell Upload: Posted May 28, 2012; Authored by Ashoo; PHP Volunteer Management System version 1.0.2 suffers from cross site scripting and shell upload vulnerabilities.; tags | exploit, shell, php, vulnerability, xss; SHA-256 | 5dda1338ca319b4adddc456481f9f1b5cd07d77f0275192f85b5454e36568928; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days