Monday, March 12, 2012

"Add Testimonial" ~ remote File upload vulnerability.

Google Dork : 2011 all rights reserved.Website Designed by GanjaDaddy.com
                               :Think 0.0?

[#1] Open website ..

[#2] Go to this URL : testimonial/add.html.php
For example :  http://Site.com/testimonial/add.html.php

[#3] Now Upload Your Deface or any file

[#4] to view you upload file go to /images/testimonial/ , you'll se index of files here ... click on last file, its urs !!

[#5] enjOy =) Leave a Comment beLow if you Like it

Demo :
http://sdhealingarts.com/testimonial/add.html.php?
http://slangmediagroup.com/testimonial/add.html.php?
http://thepharmcollective.com/testimonial/add.html.php?
http://www.ganjadaddy.com/demo/firestation/testimonial/add.html.php?

Result : http://slangmediagroup.com/images/testimonial/testim_20111218213043
http://www.ganjadaddy.com/demo/firestation//images/testimonial/testim_20111218215509
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)