########################################## [~] Exploit Title: Stradus CMS Multiple Vulnerabilities [~] Date: 21-03-2013 [~] Author: DaOne aka Mocking Bird [~] Vendor Homepage: http://stradus.eu/ [~] Software Link: http://sourceforge.net/projects/straduscms/ [~] Category: webapps/php [~] Version: 1.0beta4 [~] Tested on: Apache/2.2.8(Win32) PHP/5.2.6 ########################################## # File Upload http://localhost/SCMS_1.0/moduls/photo_album/upload.php http://localhost/SCMS_1.0/moduls/simply_image/upload.php # XSS / SQL Injection http://localhost/SCMS_1.0/adminfiles/log_view.php?order_by={SQLi/XSS} http://localhost/SCMS_1.0/moduls/photo_album/new.php?edit={SQLi/XSS}Брой прочитания на тази страница: 1031
Stradus CMS 1.0beta4 – Multiple Vulnerabilities